Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosim o preventivnu kontrolu, vdaka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

prosim o preventivnu kontrolu, vdaka

#1 Příspěvek od talbott »

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Ran by Ren (administrator) on MARIAAUGUSTINA (ASUSTeK COMPUTER INC. UX303LA) (23-12-2021 11:06:54)
Running from C:\Users\Ren\Desktop
Loaded Profiles: Ren
Platform: Microsoft Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\SysWOW64\UMonit64.exe
(ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Smart Connect software -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14701.20262\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Software602 -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel(R) Software -> Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [915160 2014-04-18] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7822136 2014-06-26] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-11-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MouseDriver] => C:\Windows\System32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] (ASUS Cloud Corporation -> )
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [] => [X]
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1092448 2014-11-19] (Nokia -> Nokia)
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ren\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ren\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\System32\602localmon.dll [36864 2015-07-14] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\91.1.10672.124\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-19] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\Installer\chrmstp.exe [2021-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\Ren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do aplikácie OneNote.lnk [2021-03-21]
ShortcutTarget: Odoslanie do aplikácie OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11223F27-69C4-438C-8E99-9DC79AFEDE0C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe (No File)
Task: {1820490E-18A0-4C26-9222-BBAE180E7CD0} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {1A4CD643-FB99-4F68-80B4-BBC472066208} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4188240 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {1EDD3BBD-887D-493A-8CAE-335CF0630742} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E7970B7-9610-4003-AF48-516D02A9BE23} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {2FD1D693-E3B9-4EC8-877F-FF9BB6463B46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-15] (Google Inc -> Google Inc.)
Task: {31B33EF1-FFE9-4D54-965C-4F6DA626795E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D154121-44BB-429B-8447-A76E0FB718E0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {3ECE3D3A-ADC4-4BCB-9F62-963AF6765746} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2014-03-31] (ASUSTeK Computer Inc. -> AsusTek)
Task: {43724561-C254-4B48-885A-CB526FD0A214} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {4391F6DD-E781-4603-806A-FBB06BA427C8} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [158336 2013-01-09] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.)
Task: {47770895-EB25-48D8-AD9C-1A2B35B113CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {500F3FA1-900C-4715-ABC5-FB8B3326F3A5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {5115E551-4DFD-41F1-8FE4-80EA8D03A531} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108872 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {51CC7783-1C4E-4570-B9D3-8DE5F58160EB} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.)
Task: {53CE82EE-F3EA-4ACC-AC3A-2355F2532094} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {5EAA765C-63C1-4BA3-957F-AE936643D1E6} - System32\Tasks\CCleanerSkipUAC - Ren => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6DA30928-130F-473E-8776-AD799C09F6DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1271424 2014-09-02] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {6F138994-0AAF-4616-B091-A664C5DF01B8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {6F138994-0AAF-4616-B091-A664C5DF01B8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {7568F6D4-3273-4B4F-A4F0-3BFE9A327D32} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_pepper.exe [959152 2021-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {76DE2A0A-70E2-4408-9055-2E734AC19F1B} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [53248 2014-02-26] () [File not signed]
Task: {99D02AB4-E6D4-4CEC-BFC7-DA71959A386E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6332312 2021-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2B6D71F-4515-434C-B963-65BC8FDDC94F} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19858000 2014-07-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {A3DF2C5D-6D22-473A-AC3D-DE10237CE374} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {A6351B60-39AB-4A9F-911C-1A350A227599} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22797704 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A850E05E-C5E2-45DD-BF84-A8920B1953BD} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {BE339A5D-1ED7-40E2-B74B-7C3C341CB746} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [58440 2014-04-02] (ASUSTeK Computer Inc. -> ASUS)
Task: {C86B8AF9-A1A6-4DBB-B318-ABCEB741763C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C86B8AF9-A1A6-4DBB-B318-ABCEB741763C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {C86B8AF9-A1A6-4DBB-B318-ABCEB741763C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {D98D252B-5A6A-436F-90B8-910F8ACE43DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {D98D252B-5A6A-436F-90B8-910F8ACE43DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-02]] (Microsoft Windows -> Microsoft Corporation)
Task: {DE4155B2-93F9-47C8-8F90-652F484269B9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
Task: {E4B63280-2A9E-433C-90BB-B33524E873FD} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {F7AA504D-C48E-4111-B51D-82153152BB51} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {FE111503-0258-4795-8079-B96220746E3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-15] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_235_pepper.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{894A80DB-197D-4EEB-9EB6-0653F3F2B745}: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF DefaultProfile: osoemsn3.default
FF ProfilePath: C:\Users\Ren\AppData\Roaming\Mozilla\Firefox\Profiles\osoemsn3.default [2021-12-23]
FF Homepage: Mozilla\Firefox\Profiles\osoemsn3.default -> hxxps://www.google.sk/?gws_rd=ssl
FF NewTab: Mozilla\Firefox\Profiles\osoemsn3.default -> about:newtab
FF Extension: (uBlock Origin) - C:\Users\Ren\AppData\Roaming\Mozilla\Firefox\Profiles\osoemsn3.default\Extensions\uBlock0@raymondhill.net.xpi [2021-12-04]
FF Extension: (No Name) - C:\Users\Ren\AppData\Roaming\Mozilla\Firefox\Profiles\osoemsn3.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF SearchPlugin: C:\Users\Ren\AppData\Roaming\Mozilla\Firefox\Profiles\osoemsn3.default\searchplugins\seznam-avast.xml [2016-10-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] (Nokia -> )
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Ren\AppData\Local\Google\Chrome\User Data\Default [2021-11-22]
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html", Not-active:"chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
CHR Extension: (Dokumenty) - C:\Users\Ren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-27]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Ren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-03-23]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Ren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2020-11-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Ren\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-11-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Ren\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-03-23]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd]
CHR HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [84520 2011-03-14] (Software602 -> Software602 a.s.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8376400 2021-11-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [680728 2021-11-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [427800 2021-11-16] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\elevation_service.exe [1721904 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129128 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel(R) Software -> Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel(R) Software -> Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [121304 2014-08-07] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] (Intel(R) Smart Connect software -> )
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-12-18] (McAfee, LLC -> McAfee, LLC)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [19264 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [222128 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [368152 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [251928 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [185216 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [538992 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107848 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82912 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852752 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [544096 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214384 2021-11-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317680 2021-12-06] (Avast Software s.r.o. -> AVAST Software)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel(R) Software -> Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel(R) Software -> Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel(R) Software -> Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel(R) Software -> Intel Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-17] (Genesys Logic,INC. -> GenesysLogic)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 nmwcd; C:\Windows\system32\drivers\ccdcmbx64.sys [19968 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\system32\drivers\ccdcmbox64.sys [27136 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [221824 2016-04-24] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-23 11:06 - 2021-12-23 11:08 - 000034859 _____ C:\Users\Ren\Desktop\FRST.txt
2021-12-23 11:04 - 2021-12-23 11:05 - 002311168 _____ (Farbar) C:\Users\Ren\Desktop\FRST64.exe
2021-12-06 18:32 - 2021-12-06 20:50 - 002502315 _____ C:\Users\Ren\Desktop\1_TPV_12_2021.pptx
2021-12-06 18:32 - 2019-10-13 22:25 - 003019964 _____ C:\Users\Ren\Desktop\2_TPV_12_2021.pptx
2021-12-06 15:50 - 2021-12-06 15:50 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-12-06 15:50 - 2021-12-06 15:50 - 000214352 _____ (AVAST Software) C:\Windows\system32\Drivers\asw023de05a90f3c972.tmp
2021-12-05 23:43 - 2021-12-05 23:43 - 000000000 ____D C:\Users\Ren\Desktop\KURZ TPV-2017
2021-12-01 21:30 - 2021-12-01 21:30 - 000217409 _____ C:\Users\Ren\Desktop\Faktura_2021220.pdf
2021-11-27 18:03 - 2021-11-27 18:06 - 000000000 ____D C:\Users\Ren\Desktop\EVA VYUCTOVANIE ENERGII
2021-11-25 23:00 - 2021-11-25 23:01 - 000000000 ____D C:\Users\Ren\Desktop\Stoppa
2021-11-25 22:49 - 2021-11-25 22:57 - 000000000 ____D C:\Users\Ren\Desktop\Bordeyne
2021-11-25 22:06 - 2021-11-25 22:08 - 000200565 _____ C:\Users\Ren\Desktop\Lezioni I settimana (2021.09.28).pdf
2021-11-25 21:40 - 2021-11-25 21:41 - 000000000 ____D C:\Users\Ren\Desktop\KomKon
2021-11-23 15:44 - 2021-11-23 15:44 - 000127705 _____ C:\Users\Ren\Desktop\La funzione della famiglia.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-23 11:07 - 2018-12-19 20:43 - 000000000 ____D C:\FRST
2021-12-23 11:06 - 2016-07-15 06:35 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-23 11:05 - 2015-07-09 22:11 - 000003986 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{4B9C7BF8-123F-4B9B-B8F4-51FCE5700351}
2021-12-23 11:04 - 2015-07-09 20:21 - 000000000 ____D C:\Program Files\CCleaner
2021-12-23 11:03 - 2021-02-12 09:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-12-23 11:03 - 2016-11-18 19:09 - 000000000 ____D C:\Users\Ren\AppData\LocalLow\Mozilla
2021-12-23 11:03 - 2015-07-09 18:17 - 000000094 _____ C:\Users\Ren\AppData\Roaming\sp_data.sys
2021-12-21 21:00 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2021-12-21 18:39 - 2021-08-23 19:27 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Ren
2021-12-21 18:39 - 2021-03-16 18:47 - 000003476 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-21 18:39 - 2021-03-16 18:47 - 000003348 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-21 18:39 - 2021-03-15 20:16 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1675441996-3159863428-1805938978-1001
2021-12-21 18:39 - 2021-02-24 19:59 - 000003864 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-12-21 18:39 - 2021-02-24 19:59 - 000000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2021-12-21 18:39 - 2021-02-17 19:15 - 000003568 _____ C:\Windows\system32\Tasks\HPCustParticipation HP DeskJet 3700 series
2021-12-21 18:39 - 2018-04-01 19:29 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-12-21 18:39 - 2016-07-15 06:36 - 000003372 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-12-21 18:39 - 2016-07-15 06:36 - 000003244 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-12-21 18:39 - 2015-12-04 09:06 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-12-21 18:39 - 2015-03-26 04:31 - 000003258 _____ C:\Windows\system32\Tasks\ASUS Patch for Touch Panel
2021-12-21 18:39 - 2015-03-26 04:26 - 000003912 _____ C:\Windows\system32\Tasks\Update Checker
2021-12-21 18:39 - 2015-03-26 04:26 - 000002986 _____ C:\Windows\system32\Tasks\ASUS Splendid ACMON
2021-12-21 18:39 - 2015-03-26 04:23 - 000003026 _____ C:\Windows\system32\Tasks\ASUS USB Charger Plus
2021-12-21 18:39 - 2015-03-26 04:22 - 000003562 _____ C:\Windows\system32\Tasks\ATK Package 36D18D69AFC3
2021-12-21 18:39 - 2015-03-26 04:20 - 000003016 _____ C:\Windows\system32\Tasks\UMonitor Task
2021-12-21 18:39 - 2015-03-26 04:18 - 000003538 _____ C:\Windows\system32\Tasks\ASUS Smart Gesture Launcher
2021-12-21 18:28 - 2017-12-17 21:26 - 000000000 ____D C:\Users\Ren\AppData\Local\AVAST Software
2021-12-21 17:59 - 2017-02-08 15:50 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-12-20 13:34 - 2015-07-09 18:22 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1675441996-3159863428-1805938978-1001
2021-12-19 17:28 - 2016-07-15 06:37 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-18 21:28 - 2014-10-21 05:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-16 21:35 - 2019-04-21 09:51 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-12-16 21:35 - 2018-04-12 20:36 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-12-14 14:48 - 2014-10-21 12:24 - 000738160 _____ C:\Windows\system32\perfh005.dat
2021-12-14 14:48 - 2014-10-21 12:24 - 000154424 _____ C:\Windows\system32\perfc005.dat
2021-12-14 14:48 - 2014-03-18 16:26 - 001745984 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-12 19:35 - 2015-08-21 10:35 - 000000000 ____D C:\Users\Ren\AppData\Local\CrashDumps
2021-12-08 17:01 - 2021-04-13 17:10 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-12-06 15:50 - 2020-10-30 16:19 - 000185216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-06 15:50 - 2020-04-16 10:33 - 000538992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-06 15:50 - 2019-01-17 14:15 - 000251928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-06 15:50 - 2019-01-17 14:15 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-06 15:50 - 2018-10-22 08:51 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-06 15:50 - 2015-07-11 16:08 - 000544096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-06 15:50 - 2015-07-11 16:08 - 000317680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-06 15:50 - 2015-07-11 16:08 - 000107848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-06 15:50 - 2015-07-11 16:08 - 000082912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-06 15:49 - 2019-01-17 14:15 - 000368152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-06 15:49 - 2019-01-17 14:15 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-12-06 15:49 - 2017-12-07 19:57 - 000222128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-06 15:49 - 2015-07-11 16:08 - 000852752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-12-04 20:18 - 2020-04-23 19:30 - 000002021 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-12-04 20:18 - 2015-07-11 16:05 - 000000000 ____D C:\ProgramData\AVAST Software
2021-12-04 20:18 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-04 20:18 - 2013-08-22 15:44 - 000504152 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-04 20:17 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2021-12-01 21:53 - 2015-07-09 18:17 - 000000000 ____D C:\Users\Ren\AppData\Local\Packages
2021-11-29 20:56 - 2021-10-05 10:34 - 000002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk

==================== Files in the root of some directories ========

2015-07-09 18:17 - 2021-12-23 11:03 - 000000094 _____ () C:\Users\Ren\AppData\Roaming\sp_data.sys
2016-12-25 14:36 - 2020-01-03 22:38 - 000005120 _____ () C:\Users\Ren\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-12-14 17:35
==================== End of FRST.txt ========================

talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

Re: prosim o preventivnu kontrolu, vdaka

#2 Příspěvek od talbott »

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2021
Ran by Ren (23-12-2021 11:10:51)
Running from C:\Users\Ren\Desktop
Microsoft Windows 8.1 (Update) (X64) (2015-07-09 17:17:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1675441996-3159863428-1805938978-500 - Administrator - Disabled)
Guest (S-1-5-21-1675441996-3159863428-1805938978-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1675441996-3159863428-1805938978-1004 - Limited - Enabled)
Ren (S-1-5-21-1675441996-3159863428-1805938978-1001 - Administrator - Enabled) => C:\Users\Ren

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

602PdfDriver (HKLM-x32\...\{9E6E7007-507B-4067-9B64-F83EA4A6F9DA}) (Version: 1.01 - Software602 a.s.) Hidden
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Alternate Pic View EXESlide 1.710 (HKLM-x32\...\Alternate Pic View EXESlide_is1) (Version: - Alternate Tools)
Aplikácie Microsoft 365 pre veľké organizácie - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.14701.20262 - Microsoft Corporation)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.1 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.10.2498 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 96.1.13589.111 - Autori prehliadača Avast Secure Browser)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.35.56 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HP DeskJet 3700 series Basic Device Software (HKLM\...\{307EE3A5-A788-4D01-B615-ABAA728DFB57}) (Version: 40.12.1161.1896 - HP Inc.)
HP DeskJet 3700 series Help (HKLM-x32\...\{9D10BAEF-4767-46EC-8A40-A6E75D84432C}) (Version: 40.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
Icecream Ebook Reader verzia 5.24 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.24 - Icecream Apps)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
lo Zingarelli 2008 (HKLM-x32\...\lo Zingarelli 2008) (Version: - )
Malwarebytes Anti-Malware verzia 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.62 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 85.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 85.0.2 (x64 sk)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 85.0.2.7709 - Mozilla)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia Suite (HKLM-x32\...\{88B6F9DE-C80F-4A70-ACF6-BEE933679170}) (Version: 3.8.54.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14701.20262 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Product Improvement Study for HP DeskJet 3700 series (HKLM\...\{826144A0-42A2-40D3-A49B-129979BA2B0C}) (Version: 40.12.1161.1896 - HP Inc.)
Realtek USB Fast Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{D2B61BE0-B18B-4091-81B4-F234F4C30DFD}) (Version: 8.13.106.2014 - Realtek)
Seznam Software (HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\SeznamInstall) (Version: 2.1.27 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verzia 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Software602 Form Filler (HKLM-x32\...\{1320CACA-1955-4E9E-84A1-B75F064221BB}) (Version: 4.70 - Software602 a.s.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.4.0.2781 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.659 - McAfee, LLC)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (ATP) Mouse (03/18/2014 6.0.0.35) (HKLM\...\DAA6E0EEB715139C1CEA332C78AB4609FB3C211B) (Version: 03/18/2014 6.0.0.35 - ASUS)
Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
ASUS PhotoDirector -> C:\Program Files\WindowsApps\F5080380.ASUSPhotoDirector_2.1.3706.2_x86__tfv7c950n6xcr [2015-07-11] (CyberLink Corp.)
ASUS PowerDirector -> C:\Program Files\WindowsApps\F5080380.ASUSPowerDirector_1.0.3618.38952_x86__tfv7c950n6xcr [2015-07-11] (CyberLink Corp.)
ASUS WebStorage -> C:\Program Files\WindowsApps\ASUSCloudCorporation.MobileFileExplorer_1.0.24.190_x86__wk4d32h0cvhem [2015-07-11] (ASUS Cloud Corporation)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-22] (Flipboard)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-01-13] (Microsoft Corporation)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-03-26] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-07-11] (Microsoft Corporation) [MS Ad]
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_1.0.15.112_x64__8ptj331gd3tyt [2016-10-06] (LINE Corporation)
MSN Cestovanie -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
MSN Financie -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Jedlá a nápoje -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Správy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Šport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Zdravie a fitnes -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_2.3.1055.0_x64__a2t3txkz9j1jw [2017-06-18] (MAGIX)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-07-11] (Skype) [MS Ad]
Skype WiFi -> C:\Program Files\WindowsApps\Microsoft.SkypeWiFi_1.2.0.7_x86__kzf8qxf38zg5c [2015-07-11] (Skype)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2015-03-26] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_1.1.13.8_x64__wgeqdkkx372wm [2014-10-21] (Twitter Inc.)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2015-07-11] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Ren\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-11-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-11-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-11-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2013-12-18] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [Print602] -> {D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-11-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSContextMenu.dll [2014-08-20] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-11-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2014-04-02 15:46 - 2014-04-02 15:46 - 000117248 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-06-26 04:26 - 2013-06-26 04:26 - 001479168 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 000163840 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2006-10-26 12:40 - 2006-10-26 12:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2021-03-15 20:08 - 2021-03-15 20:08 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2021-03-15 20:08 - 2021-03-15 20:08 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2012-06-26 12:08 - 2012-06-26 12:08 - 000026112 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
2012-06-26 10:58 - 2012-06-26 10:58 - 001262592 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\NGSCM64.DLL
2012-06-26 12:08 - 2012-06-26 12:08 - 000572928 _____ (Nokia) [File not signed] C:\Program Files (x86)\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
2014-04-02 15:46 - 2014-04-02 15:46 - 001600000 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll
2017-06-02 08:40 - 2015-07-14 12:27 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\Windows\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {1868025B-F4F8-4EA4-B617-CF8C3570D95C} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {22846F59-88FC-4277-A127-D17A077EB9F3} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {38BC6833-4094-4E9E-8BFF-DCF630878763} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {481E7CDE-A0C3-4B64-A968-B5A92381DB45} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {5DADC086-90C8-4399-9D51-DE59706866FF} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {7101F371-357C-426B-839C-B602F5FF20BF} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {A1210C34-A582-4CD7-A205-40F7896D31E4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {A4963EA0-B321-4F1C-9679-1DE9D819113C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001 -> {E80C6F6E-8895-4485-BBE5-44A5D8B8EFAB} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-12-18] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-12-18] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\sharepoint.com -> hxxps://lasallesk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-07-27 20:56 - 000000866 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ren\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\StartupApproved\Run: => "NokiaSuite.exe"
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C12AEA36-F1FF-4D64-AFDE-F735E7F2CFAA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{D997450B-314E-4A73-9D1B-8B688EF2C51A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8AD8C22F-7CF1-4EAB-8AAB-E6B2FDEC871F}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia -> Nokia)
FirewallRules: [{78BB0D33-9E9F-4767-9D5C-A75531381DDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B6DAFE5F-A404-4B03-A43E-0836087C0783}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DD988C1E-982C-4596-B5BD-206127605457}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{6D93986D-0FE3-4F16-A940-25735AA86913}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{11938253-6699-44A2-A82B-6A5B20B5642A}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{AC2995F1-AFED-481D-BA2C-09FB919A026E}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{28E21933-760B-464A-B90D-CEFFF8C852C3}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{AADA9FC4-4F9C-4B0C-97A1-D5D9CCAC5562}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe (Pinnacle Systems, Inc. -> Pinnacle Systems)
FirewallRules: [{7094B3B5-0283-4286-BB3D-7C2FB081D01D}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 -> )
FirewallRules: [{6D68987E-63E1-4D8F-B363-F935CF73B0F9}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 -> )
FirewallRules: [{7EBFCF3D-BE5C-4A99-BCC2-32BF86EF5FC6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{424CE8CE-D28A-4FBE-A36D-54F2B5B3DD2D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{B65453D7-E3F3-40CE-8992-0A7D99F1C4F9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{54F7F547-5A6F-44B4-9B2A-F25EB6D02489}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{1D910371-A152-43E0-98C7-1C9CDFB253C5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE7028DC-67FC-460B-BCDD-2B7029857A54}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E1CF373-B06D-4670-902C-1123A0C4032E}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9B3EBDB8-0F82-4B05-9D03-469DA485B244}] => (Allow) LPort=5357
FirewallRules: [{F98E8712-5D14-4EC1-84D1-1F7D7905D350}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{34149B5B-91BB-4052-9B77-92B5E26864CE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{965B619C-C415-4E89-AE31-3FA87E36ABDC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{784AAE71-96C6-41F6-B566-BA192112F002}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{741E7173-D5E6-4330-88B8-5F3F7A58A39F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{A7A676FA-AC65-4A28-8C49-8C9E54A39144}C:\users\ren\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ren\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{EB9B5E42-9723-41B4-BD49-94185C29873E}C:\users\ren\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ren\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67C141BC-1289-452D-BE15-9F1A9CD9D1DB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75646799-9EBE-4430-A99E-D23032AF910A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FBCF4CC4-F77F-420B-ACDE-D59E306129E6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F304CDBD-A0EB-4433-BFBC-14338B85DA7E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{48C1A2F1-CD21-4728-BF90-9CC740B46A42}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2FAAA39A-BC8D-436C-AD38-4C2039D2A785}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8DE3ACEF-9AFA-4526-9C3E-C6525F74E697}] => (Allow) C:\Users\Ren\AppData\Local\Temp\7zS021C\HP.EasyStart.exe (HP Inc. -> HP)
FirewallRules: [{52B8D8E7-0891-4ABD-95F6-19678FA7A182}] => (Allow) C:\Users\Ren\AppData\Local\Temp\7zS0CF4\HP.EasyStart.exe (HP Inc. -> HP)
FirewallRules: [{D27A6EB7-15C3-42DB-87F3-308BAD064C10}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{46783ADD-9075-4C83-822E-9848EE1D6767}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E6F37199-9E92-4764-97BF-E10279B52824}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48435567-DBCB-4657-A6AB-3E51782EDF75}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{195ECAEB-56E0-4372-B795-CC64BD6BFD87}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BB954ECA-1A70-4DF9-A992-1E19B9A43321}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6BF5AF16-1EAA-4433-8E73-6DBC75BA5FE8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A029B23-53C8-4634-9394-CBE9D5855C74}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D838AACD-DF8F-464A-841C-98071CC7B056}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{76BA9CA3-AB3A-4533-A768-C0D9E13A1DCD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

14-10-2021 20:59:49 Scheduled Checkpoint
30-11-2021 20:28:50 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2021 11:12:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (12/21/2021 10:03:39 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (12/21/2021 09:00:52 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (12/21/2021 09:00:51 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=8960), GLE=31.

Error: (12/21/2021 09:00:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_defragsvc, verzia: 6.3.9600.17415, časová značka: 0x54504177
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.17936, časová značka: 0x55a68e0c
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000433d9
Identifikácia chybujúceho procesu: 0xffc
Čas spustenia chybujúcej aplikácie: 0x01d7f693fc55f854
Cesta chybujúcej aplikácie: C:\Windows\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: b193cddf-6298-11ec-82eb-d28a5ef82e6e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/21/2021 08:29:30 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CProcess::GetProcessFullName Unable to get the image full name for the process( ID=2060), GLE=31.

Error: (12/21/2021 07:42:24 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.

Error: (12/21/2021 06:31:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadané konto už existuje.


System errors:
=============
Error: (12/23/2021 11:16:30 AM) (Source: DCOM) (EventID: 10010) (User: MariaAugustina)
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (12/23/2021 11:14:30 AM) (Source: DCOM) (EventID: 10010) (User: MariaAugustina)
Description: The server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} did not register with DCOM within the required timeout.

Error: (12/21/2021 09:00:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Optimalizácia jednotiek sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/21/2021 07:26:50 PM) (Source: DCOM) (EventID: 10010) (User: MariaAugustina)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (12/21/2021 07:11:16 PM) (Source: DCOM) (EventID: 10010) (User: MariaAugustina)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (12/18/2021 08:02:41 PM) (Source: DCOM) (EventID: 10010) (User: MariaAugustina)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (12/18/2021 08:02:11 PM) (Source: DCOM) (EventID: 10010) (User: MariaAugustina)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (12/17/2021 08:42:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.


Windows Defender:
================Event[0]:

Date: 2015-12-14 18:48:49.575
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: Prostriedok je príliš starý, takže nemôže byť kompatibilný.
Signature version: 1.179.381.0;1.179.381.0
Engine version: 1.1.10802.0

==================== Memory info ===========================

BIOS: American Megatrends Inc. UX303LA.204 09/01/2014
Motherboard: ASUSTeK COMPUTER INC. UX303LA
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 37%
Total physical RAM: 8081.15 MB
Available physical RAM: 5080.29 MB
Total Virtual: 10030.92 MB
Available Virtual: 6746.26 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:104.01 GB) (Free:3.87 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{166c0a71-fbc2-4189-bbb3-7b2bf6d8d4ba}\ (Recovery) (Fixed) (Total:15.01 GB) (Free:3.45 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: E17ADC9A)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119587
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o preventivnu kontrolu, vdaka

#3 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers1: [Print602] -> {D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2FD1D693-E3B9-4EC8-877F-FF9BB6463B46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-15] (Google Inc -> Google Inc.)
Task: {FE111503-0258-4795-8079-B96220746E3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-15] (Google Inc -> Google Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
C:\Users\Ren\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

Re: prosim o preventivnu kontrolu, vdaka

#4 Příspěvek od talbott »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Ren (28-12-2021 12:29:08) Run:1
Running from C:\Users\Ren\Desktop
Loaded Profiles: Ren
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [Print602] -> {D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File
HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {2FD1D693-E3B9-4EC8-877F-FF9BB6463B46} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-15] (Google Inc -> Google Inc.)
Task: {FE111503-0258-4795-8079-B96220746E3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2016-07-15] (Google Inc -> Google Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
C:\Users\Ren\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Print602 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\wlpg => removed successfully
"HKU\S-1-5-21-1675441996-3159863428-1805938978-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FD1D693-E3B9-4EC8-877F-FF9BB6463B46}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FD1D693-E3B9-4EC8-877F-FF9BB6463B46}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE111503-0258-4795-8079-B96220746E3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE111503-0258-4795-8079-B96220746E3E}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331 => removed successfully
C:\Users\Ren\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5412043 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 2023367 B
Edge => 0 B
Chrome => 149271 B
Firefox => 26496110 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 3032 B
NetworkService => 3032 B
Ren => 13726513 B

RecycleBin => 0 B
EmptyTemp: => 45.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:29:17 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119587
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o preventivnu kontrolu, vdaka

#5 Příspěvek od Rudy »

Smmazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

talbott
Návštěvník
Návštěvník
Příspěvky: 44
Registrován: 15 pro 2016 19:22

Re: prosim o preventivnu kontrolu, vdaka

#6 Příspěvek od talbott »

vďaka!

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119587
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosim o preventivnu kontrolu, vdaka

#7 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno