Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Odpovědět
Zpráva
Autor
aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Prosím o kontrolu

#1 Příspěvek od aktij »

Zdravím, nedávno jsem tu s Vaší pomocí čistila NTB. Trochu se to zlepšilo, ale to zasekávání se opět objevuje. I mi nějak nefachčí jak by měl FB. Prosím o pomoc

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Sara (administrator) on SARA-PC (ASUSTeK COMPUTER INC. X55VDR) (09-03-2021 18:46:09)
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc. -> Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\Windows\system32\hpzlllhn.dll [48640 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-02-15] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260968 2012-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215400 2012-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07B86A63-FE69-499B-8EED-0AD945464A47} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {3ACEC31D-9218-4551-8D92-05DCC07BAFBD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {69E31E8E-CC11-499B-9A73-53A9B4C41EB9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-16] (Intel® Services Manager -> Intel Corporation)
Task: {70FB48F1-44AE-4EC0-9299-33BB136C34E2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {8088F8F3-228A-4E8B-9FC1-E6528DCA44AC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {97A1EC88-C615-4C26-B8F3-D4121BCC0341} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {A030A3E3-8E65-4226-9963-4698B7F06122} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A9ED470B-C62E-419A-A1B7-7E0AC8E11011} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {B88DFEB0-81B0-4E93-B483-30548423A50C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3555903808-2307568763-4169163906-1001 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {BDD87FB3-AA1C-4BAF-92C6-AA7C4E09E085} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {D3679EAC-FFA4-4757-8973-BA2B04967373} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-16] (Intel® Services Manager -> Intel Corporation)
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {ECE9F533-2A12-4207-8DCB-2AAFAA5AA3DD} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{C0E5F1E7-59F4-4220-80E4-176C76A1156E}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Edge:
=======
Edge Profile: C:\Users\Sara\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-09]

FireFox:
========
FF DefaultProfile: 78jmzxzl.default-1584034196646
FF ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\78jmzxzl.default-1584034196646 [2021-03-09]
FF Notifications: Mozilla\Firefox\Profiles\78jmzxzl.default-1584034196646 -> hxxps://www.viry.cz; hxxps://www.slevomat.cz; hxxps://www.instagram.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8044056 2021-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (McAfee, Inc. -> Intel Security, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35648 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208024 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [357320 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [249304 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [98760 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41272 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175248 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [521336 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107784 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83360 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850112 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [465656 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215328 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2021-02-23] (Avast Software s.r.o. -> AVAST Software)
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [57344 2009-06-10] (Microsoft Windows -> Atheros Communications, Inc.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-10-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-09 18:46 - 2021-03-09 18:47 - 000018993 _____ C:\Users\Sara\Desktop\FRST.txt
2021-03-09 18:45 - 2021-03-09 18:45 - 000000000 ____D C:\Users\Sara\Desktop\FRST-OlderVersion
2021-03-09 18:42 - 2021-03-09 18:42 - 008463216 _____ (Malwarebytes) C:\Users\Sara\Desktop\adwcleaner_8.1.exe
2021-03-08 21:38 - 2021-03-08 21:38 - 000003416 ____N C:\bootsqm.dat
2021-03-08 21:37 - 2021-03-08 21:37 - 000000000 __SHD C:\found.008
2021-03-07 14:28 - 2021-03-07 14:28 - 000000000 ____D C:\Users\Sara\AppData\Local\{8F272C4F-0131-499D-8AA2-2F23BB8FA8B9}
2021-03-07 14:27 - 2021-03-07 14:41 - 000000000 ____D C:\Users\Sara\Desktop\MAMKA
2021-03-06 07:02 - 2021-03-06 07:39 - 000000000 ____D C:\Users\Sara\Desktop\1-2021
2021-02-28 10:19 - 2021-02-28 10:19 - 000001592 _____ C:\Users\Sara\Desktop\fixlist.txt
2021-02-27 19:50 - 2021-02-27 19:50 - 008463216 _____ (Malwarebytes) C:\Users\Sara\Downloads\adwcleaner_8.1.exe
2021-02-26 23:58 - 2021-02-27 00:01 - 000034943 _____ C:\Users\Sara\Downloads\Addition.txt
2021-02-26 23:53 - 2021-02-27 00:01 - 000025409 _____ C:\Users\Sara\Downloads\FRST.txt
2021-02-26 23:52 - 2021-03-09 18:45 - 002301440 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2021-02-24 18:09 - 2021-02-24 18:09 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-02-23 19:42 - 2021-02-23 19:42 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-02-23 19:42 - 2021-02-23 19:42 - 000215328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-02-23 19:37 - 2021-02-25 18:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-12 16:33 - 2021-02-12 16:33 - 000000824 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-02-12 16:28 - 2021-02-12 16:28 - 030584912 _____ (Piriform Software Ltd) C:\Users\Sara\Downloads\ccsetup576.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-09 18:46 - 2019-02-23 16:57 - 000000000 ____D C:\FRST
2021-03-09 18:40 - 2012-02-24 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2021-03-09 18:35 - 2019-02-10 20:32 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-09 18:34 - 2018-04-03 23:04 - 000000000 ____D C:\Program Files\CCleaner
2021-03-09 17:20 - 2009-07-14 05:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-03-09 17:20 - 2009-07-14 05:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-03-08 23:34 - 2018-04-01 19:01 - 000000000 ____D C:\Users\Sara\AppData\LocalLow\Mozilla
2021-03-08 23:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-03-08 21:40 - 2018-04-01 04:35 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2021-03-08 21:39 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-07 12:22 - 2018-04-01 04:35 - 000000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2021-03-06 17:07 - 2020-06-27 06:34 - 000002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-06 17:07 - 2020-06-27 06:34 - 000002182 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-06 07:19 - 2012-02-24 12:40 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-05 18:26 - 2018-04-03 23:04 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-03-04 18:57 - 2020-06-27 06:32 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 18:57 - 2020-06-27 06:32 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 18:47 - 2018-04-03 22:54 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-02 21:26 - 2018-07-16 19:46 - 000000000 ____D C:\Users\Sara\AppData\Local\AVAST Software
2021-03-02 15:05 - 2018-04-03 22:57 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-02-28 10:31 - 2020-03-03 17:42 - 000004428 _____ C:\Users\Sara\Desktop\Fixlog.txt
2021-02-28 10:31 - 2018-04-01 04:32 - 000000000 ____D C:\Users\UpdatusUser
2021-02-28 10:25 - 2018-04-04 23:21 - 000000000 ____D C:\Users\Sara\AppData\LocalLow\Temp
2021-02-27 19:49 - 2018-05-11 15:16 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-26 23:42 - 2018-04-03 16:42 - 000000000 ____D C:\Program Files\trend micro
2021-02-25 18:02 - 2018-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-23 19:43 - 2020-10-17 07:05 - 000175248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-02-23 19:43 - 2018-04-03 22:57 - 000465656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-02-23 19:42 - 2020-04-15 13:48 - 000521336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-02-23 19:42 - 2019-01-06 20:33 - 000249304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-02-23 19:42 - 2019-01-06 20:33 - 000098760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-02-23 19:42 - 2018-10-21 08:18 - 000041272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-02-23 19:42 - 2018-04-03 22:57 - 000326976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-02-23 19:42 - 2018-04-03 22:57 - 000107784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-02-23 19:42 - 2018-04-03 22:57 - 000083360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-02-23 19:41 - 2019-01-14 20:32 - 000357320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-02-23 19:41 - 2019-01-06 20:33 - 000035648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-02-23 19:41 - 2018-04-03 22:57 - 000850112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-02-23 19:41 - 2018-04-03 22:57 - 000208024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-02-12 07:38 - 2018-04-07 17:09 - 000000000 ____D C:\Windows\system32\MRT
2021-02-12 07:28 - 2018-04-07 17:08 - 130141752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-02-11 14:04 - 2018-05-11 15:17 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-02-25 20:43
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Sara (09-03-2021 18:48:45)
Running from C:\Users\Sara\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2018-03-31 17:53:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3555903808-2307568763-4169163906-500 - Administrator - Disabled)
Guest (S-1-5-21-3555903808-2307568763-4169163906-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3555903808-2307568763-4169163906-1003 - Limited - Enabled)
Sara (S-1-5-21-3555903808-2307568763-4169163906-1001 - Administrator - Enabled) => C:\Users\Sara
UpdatusUser (S-1-5-21-3555903808-2307568763-4169163906-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Apowersoft Video Konvertor V4.7.7 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.7 - APOWERSOFT LIMITED)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version: - Oberon Media)
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 6.4.7 - CEWE Stiftung u Co. KGaA)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version: - Oberon Media)
DriverDR 6.5.0 (HKLM\...\DriverDR_is1) (Version: 6.5.0.0 - DriverDR.com)
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version: - Oberon Media)
File Viewer Plus (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.2.1 - Sharpened Productions)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version: - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.79 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
NVIDIA Graphics Driver 296.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.97 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.13.1 - NVIDIA Corporation)
NVIDIA Update 1.7.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.13 - NVIDIA Corporation)
ODT Viewer version 1.0 (HKLM-x32\...\{CAA1B43B-7CDA-4D58-B9A3-1050C358CB2D}_is1) (Version: 1.0 - odtviewer.com)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version: - Oberon Media)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype verze 8.41 (HKLM-x32\...\Skype_is1) (Version: 8.41 - Skype Technologies S.A.)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version: - Oberon Media)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version: - Oberon Media)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-04-01 03:55 - 2010-04-01 03:55 - 000221184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2018-03-31 19:46 - 2010-09-11 09:51 - 000439808 _____ (Atheros) [File not signed] C:\Windows\system32\athihvs.dll
2011-05-25 08:09 - 2011-05-25 08:09 - 000227840 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2020-07-15 22:18 - 2020-07-15 22:18 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\MSVCP140.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\ucrtbase.DLL
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\VCRUNTIME140.dll
2021-03-08 18:30 - 2021-03-08 18:30 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21030800\avast.local_vc142.crt\VCRUNTIME140_1.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-02-23 00:45 - 000000887 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{97A01EA2-F65D-4D33-BF50-6720A2B36627}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBDAC69B-FD23-4E99-A655-6C8228E497F6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65E1DF9E-0E04-4B76-915D-76673F0A6548}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{510F287A-6787-4097-BD71-F766FBB30BF6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BE71A03-3276-41E1-A124-A9BBD06B399F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{103225BC-123F-469C-8B81-17D1365275E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{14B3C607-0CEA-40BB-B3AD-CCAE10719897}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6E5FD3ED-28FD-4095-9C4E-187719341E71}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6C7C0A5E-9047-4BD5-9CA5-3509524D9F6B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{13E1E513-AD1F-405A-B932-B66CF7B0CCF1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{37873ACA-35D2-4753-89B3-E82E9037A513}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C355849-7322-46F3-A461-2C6344957866}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{772DF3AC-A792-461C-B1E9-0F791B3A6B6B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-09-2020 11:21:21 Windows Update
18-09-2020 11:18:19 Naplánovaný kontrolní bod
28-09-2020 10:44:14 Naplánovaný kontrolní bod
10-10-2020 10:33:52 Naplánovaný kontrolní bod
26-10-2020 17:11:24 Naplánovaný kontrolní bod
12-11-2020 23:33:43 Windows Update
22-11-2020 12:16:55 Naplánovaný kontrolní bod
19-12-2020 11:07:26 Naplánovaný kontrolní bod
01-01-2021 15:37:59 Naplánovaný kontrolní bod
13-01-2021 23:29:37 Windows Update
22-01-2021 16:25:32 Naplánovaný kontrolní bod
31-01-2021 19:51:09 Naplánovaný kontrolní bod
12-02-2021 07:26:20 Windows Update
27-02-2021 19:55:57 AdwCleaner_BeforeCleaning_27/02/2021_19:55:54
28-02-2021 10:22:42 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/07/2021 07:00:15 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy E:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (03/07/2021 03:22:08 PM) (Source: Microsoft Office 14) (EventID: 2000) (User: )
Description: Event-ID 2000

Error: (02/28/2021 07:00:19 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy E:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (02/26/2021 11:15:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 86.0.0.7723 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: dc0

Čas spuštění: 01d70c6a19cbd563

Čas ukončení: 190

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení:

Error: (02/22/2021 01:25:40 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy E:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (02/16/2021 02:56:07 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Patch task for {90140011-0066-0405-0000-0000000FF1CE}): DownloadLatest Failed: V tuto chvíli není aktivní žádné připojení k síti. Jakmile bude připojen adaptér, bude Služba inteligentního přenosu na pozadí (BITS) akci opakovat.

Error: (02/14/2021 07:00:16 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy E:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (02/07/2021 07:00:15 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy E:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).


System errors:
=============
Error: (03/08/2021 09:39:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:26:05, ‎8.‎3.‎2021) bylo neočekávané.

Error: (03/07/2021 11:23:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) závisí na službě Správce identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/07/2021 11:23:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Správce identit sítě rovnocenných počítačů, která neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/07/2021 11:23:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Správce identit sítě rovnocenných počítačů neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/07/2021 11:23:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Správce identit sítě rovnocenných počítačů bylo dosaženo časového limitu (30000 ms).

Error: (03/07/2021 11:20:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:19:31, ‎7.‎3.‎2021) bylo neočekávané.

Error: (03/07/2021 02:32:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (03/07/2021 02:32:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X55VDR.300 07/24/2012
Motherboard: ASUSTeK COMPUTER INC. X55VDR
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 3979.91 MB
Available physical RAM: 1066.36 MB
Total Virtual: 7957.97 MB
Available Virtual: 4783.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:673.32 GB) (Free:515.12 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: () (Fixed) (Total:0 GB) (Free:0 GB)

\\?\Volume{c94f119e-f5dd-4fd9-9a47-226fdde7dfb2}\ (Recovery) (Fixed) (Total:25 GB) (Free:8.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 8DED5BA9)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Re: Prosím o kontrolu

#3 Příspěvek od aktij »

Též zdravím Rudy :-D

Tak jsem stáhla a uložila utilitu, spusila jako správce... Asi je inovovaná ... Bohužel čištění a opravy to nenabízí. Jsou tam pouze infa o předinstalovaných softwarech a mám si zvolit (zaškrtnout), co dát do karantény (zakázat). Nevím co s tím....

Další odlišnost je, že se tím pádem nerestoval PC, ale v nabídce je soubor protokolu. Tam jsem našla aktuální protokol :


# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-09-2021
# Duration: 00:00:29
# OS: Windows 7 Home Premium
# Scanned: 2801
# Detected: 21


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DEADTIME STORIES
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DREAM DAY FIRST HOME
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DREAM VACATION SOLITAIRE
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\FARM FRENZY 3 - MADAGASCAR
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GALAPAGO
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GAMECONSOLE
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GO GO GOURMET CHEF OF THE YEAR
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\PLANTS VS ZOMBIES
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\TURBO FIESTA
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\WORLD OF GOO
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Preinstalled.ASUSVibe Folder C:\Program Files (x86)\ASUS\ASUSVIBE
Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Preinstalled.ASUSVibe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\ASUS WEBSTORAGE
Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WEBSTORAGE
Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}
Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk


AdwCleaner[S00].txt - [1257 octets] - [23/02/2019 16:26:36]
AdwCleaner[S01].txt - [1318 octets] - [23/02/2019 16:27:40]
AdwCleaner[C01].txt - [1504 octets] - [23/02/2019 16:28:39]
AdwCleaner[S02].txt - [1440 octets] - [30/04/2019 17:33:11]
AdwCleaner[S03].txt - [3992 octets] - [17/01/2020 22:31:31]
AdwCleaner[S04].txt - [4053 octets] - [17/01/2020 22:32:32]
AdwCleaner[S05].txt - [4114 octets] - [17/01/2020 22:39:32]
AdwCleaner[S06].txt - [4175 octets] - [02/03/2020 21:24:02]
AdwCleaner[S07].txt - [4236 octets] - [02/03/2020 21:27:46]
AdwCleaner[S08].txt - [4377 octets] - [23/11/2020 19:05:24]
AdwCleaner[S09].txt - [4438 octets] - [23/11/2020 19:10:09]
AdwCleaner[S10].txt - [4499 octets] - [02/01/2021 16:21:27]
AdwCleaner[S11].txt - [4560 octets] - [26/02/2021 23:45:07]
AdwCleaner[S12].txt - [4620 octets] - [27/02/2021 19:53:49]
AdwCleaner[C12].txt - [2544 octets] - [27/02/2021 19:56:43]
AdwCleaner[S13].txt - [4572 octets] - [27/02/2021 20:02:16]
AdwCleaner[S14].txt - [4458 octets] - [09/03/2021 18:42:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S15].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#4 Příspěvek od Rudy »

Preinstaled jsou utility od ASUS, te se mazat nemusí, není to malware. Jinak je to v pořádku. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U1 aswbdisk; no ImagePath
C:\Users\Sara\AppData\Local\{8F272C4F-0131-499D-8AA2-2F23BB8FA8B9}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Re: Prosím o kontrolu

#5 Příspěvek od aktij »

To jste mne uklidnil, docela mne ten jiný postup, od popsaného vyděsil :boxed:

Zde je log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Sara (09-03-2021 20:14:00) Run:6
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
U1 aswbdisk; no ImagePath
C:\Users\Sara\AppData\Local\{8F272C4F-0131-499D-8AA2-2F23BB8FA8B9}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\Users\Sara\AppData\Local\{8F272C4F-0131-499D-8AA2-2F23BB8FA8B9} => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4685778 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3048 B
Edge => 0 B
Chrome => 0 B
Firefox => 232123973 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
UpdatusUser => 128 B
Sara => 4587342 B

RecycleBin => 25373584 B
EmptyTemp: => 262.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-03-2021 20:18:48)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 20:19:18 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#6 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Re: Prosím o kontrolu

#7 Příspěvek od aktij »

Vypadá to zatím dobře :thumbsup: :)

MOC děkuji za pomoc, jste stejně nejlepší :idea: :wub: :worship:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#8 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět