Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

PROSÍM o KONTROLU a vyčištění

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

PROSÍM o KONTROLU a vyčištění

#1 Příspěvek od aktij »

Zdravím, prosím o kontrolu a vyčištění.
Zpomaluje se, zasekává a při čištění CCleanerem poslední dobou hodně dlouho čistí a zůstávají tam soubory, takže čistím několikrát za sebou.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2021
Ran by Sara (administrator) on SARA-PC (ASUSTeK COMPUTER INC. X55VDR) (04-12-2021 07:47:33)
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Services Manager -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc. -> Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Sara\AppData\Local\Microsoft\Teams\Update.exe [2455264 2021-08-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\Windows\system32\hpzlllhn.dll [48640 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-15] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-09-09] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260968 2012-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215400 2012-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {69E31E8E-CC11-499B-9A73-53A9B4C41EB9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-16] (Intel® Services Manager -> Intel Corporation)
Task: {70FB48F1-44AE-4EC0-9299-33BB136C34E2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {738BE40E-A869-4883-BA4F-829127C69A6C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {8088F8F3-228A-4E8B-9FC1-E6528DCA44AC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {85B47B03-C13F-4FF7-949E-A2F1C73736DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-03] (Google Inc -> Google Inc.)
Task: {92BFDA1A-C1E0-4DCD-889F-8F51EAD1607E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-03] (Google Inc -> Google Inc.)
Task: {A9B08C97-C270-4F16-B390-8067E65B3176} - System32\Tasks\CCleanerSkipUAC - Sara => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AD42F2CC-4B26-48A8-9F5F-E508D4CA24C5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
Task: {B88DFEB0-81B0-4E93-B483-30548423A50C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3555903808-2307568763-4169163906-1001 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {C2C4C3F2-6831-4DF8-BE2C-A9ABBC01F448} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {C4E7184D-0622-47AD-A9E5-9DFBBAEE3339} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {D3679EAC-FFA4-4757-8973-BA2B04967373} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233792 2012-04-16] (Intel® Services Manager -> Intel Corporation)
Task: {E35985D2-22AB-4F5B-804E-82CD7D2DF9E1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{C0E5F1E7-59F4-4220-80E4-176C76A1156E}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sara\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-04]

FireFox:
========
FF DefaultProfile: 78jmzxzl.default-1584034196646
FF ProfilePath: C:\Users\Sara\AppData\Roaming\Mozilla\Firefox\Profiles\78jmzxzl.default-1584034196646 [2021-12-04]
FF Notifications: Mozilla\Firefox\Profiles\78jmzxzl.default-1584034196646 -> hxxps://www.viry.cz; hxxps://www.slevomat.cz; hxxps://www.instagram.com; hxxps://www.spektrumzdravi.cz
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default [2021-12-04]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-11-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-04]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (McAfee, Inc. -> Intel Security, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35720 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [222128 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [368152 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [251928 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99352 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41352 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [185216 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [538992 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-15] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107848 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82912 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852752 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [544096 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214352 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317680 2021-12-01] (Avast Software s.r.o. -> AVAST Software)
S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [57344 2009-06-10] (Microsoft Windows -> Atheros Communications, Inc.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-10-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-01 19:03 - 2021-12-01 19:03 - 000340248 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-12-01 19:03 - 2021-12-01 19:03 - 000214352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-11-29 17:16 - 2021-11-29 17:16 - 000003288 ____N C:\bootsqm.dat
2021-11-23 16:47 - 2021-11-25 21:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-19 22:14 - 2021-11-19 22:14 - 000000000 __SHD C:\found.018
2021-11-17 15:58 - 2021-11-17 15:58 - 000000000 __SHD C:\found.017
2021-11-16 19:29 - 2021-11-16 19:29 - 000000000 __SHD C:\found.016

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-04 07:48 - 2021-07-30 20:06 - 000018015 _____ C:\Users\Sara\Desktop\FRST.txt
2021-12-04 07:48 - 2019-02-23 16:57 - 000000000 ____D C:\FRST
2021-12-04 07:47 - 2021-03-09 18:45 - 000000000 ____D C:\Users\Sara\Desktop\FRST-OlderVersion
2021-12-04 07:47 - 2021-02-26 23:52 - 002311680 _____ (Farbar) C:\Users\Sara\Desktop\FRST64.exe
2021-12-04 07:30 - 2018-04-03 23:04 - 000000000 ____D C:\Program Files\CCleaner
2021-12-04 07:29 - 2012-02-24 12:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-04 07:27 - 2009-07-14 05:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-12-04 07:27 - 2009-07-14 05:45 - 000022256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-12-04 01:06 - 2018-04-01 19:01 - 000000000 ____D C:\Users\Sara\AppData\LocalLow\Mozilla
2021-12-03 16:32 - 2020-06-27 06:34 - 000002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-03 16:32 - 2020-06-27 06:34 - 000002182 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-12-03 16:21 - 2018-07-16 19:46 - 000000000 ____D C:\Users\Sara\AppData\Local\AVAST Software
2021-12-01 21:00 - 2019-02-10 20:32 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-01 20:57 - 2018-04-03 22:57 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-12-01 20:54 - 2018-04-01 04:35 - 000000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2021-12-01 20:54 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-01 19:03 - 2020-10-17 07:05 - 000185216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-12-01 19:03 - 2020-04-15 13:48 - 000538992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-12-01 19:03 - 2019-01-14 20:32 - 000368152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-12-01 19:03 - 2019-01-06 20:33 - 000251928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-12-01 19:03 - 2019-01-06 20:33 - 000099352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-12-01 19:03 - 2019-01-06 20:33 - 000035720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-12-01 19:03 - 2018-10-21 08:18 - 000041352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-12-01 19:03 - 2018-04-03 22:57 - 000852752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-12-01 19:03 - 2018-04-03 22:57 - 000544096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-12-01 19:03 - 2018-04-03 22:57 - 000317680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-12-01 19:03 - 2018-04-03 22:57 - 000222128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-12-01 19:03 - 2018-04-03 22:57 - 000107848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-12-01 19:03 - 2018-04-03 22:57 - 000082912 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-12-01 18:58 - 2018-04-03 22:54 - 000000000 ____D C:\ProgramData\AVAST Software
2021-11-25 21:47 - 2018-04-01 04:32 - 000000000 ____D C:\Users\UpdatusUser
2021-11-25 21:43 - 2018-04-01 19:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-24 16:59 - 2018-04-03 23:04 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-11-24 16:56 - 2021-10-10 16:27 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-11-21 12:22 - 2018-04-01 04:35 - 000000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2021-11-17 08:35 - 2020-06-27 06:32 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-17 08:35 - 2020-06-27 06:32 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-15 19:19 - 2012-02-24 12:40 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-14 00:01 - 2018-04-03 22:58 - 000002005 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-11-10 17:53 - 2018-04-07 17:09 - 000000000 ____D C:\Windows\system32\MRT
2021-11-10 17:38 - 2018-04-07 17:08 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-07 18:14 - 2011-02-19 06:36 - 000669568 _____ C:\Windows\system32\perfh005.dat
2021-11-07 18:14 - 2011-02-19 06:36 - 000141938 _____ C:\Windows\system32\perfc005.dat
2021-11-07 18:14 - 2009-07-14 06:13 - 001586170 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-07 18:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-11-25 05:06
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2021
Ran by Sara (04-12-2021 07:52:11)
Running from C:\Users\Sara\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2018-03-31 17:53:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3555903808-2307568763-4169163906-500 - Administrator - Disabled)
Guest (S-1-5-21-3555903808-2307568763-4169163906-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3555903808-2307568763-4169163906-1003 - Limited - Enabled)
Sara (S-1-5-21-3555903808-2307568763-4169163906-1001 - Administrator - Enabled) => C:\Users\Sara
UpdatusUser (S-1-5-21-3555903808-2307568763-4169163906-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Apowersoft Video Konvertor V4.7.7 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.7 - APOWERSOFT LIMITED)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.10.2498 - Avast Software)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
CrystalDiskInfo 8.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.0.0 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Deadtime Stories (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118716773}) (Version: - Oberon Media)
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 6.4.7 - CEWE Stiftung u Co. KGaA)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version: - Oberon Media)
DriverDR 6.5.0 (HKLM\...\DriverDR_is1) (Version: 6.5.0.0 - DriverDR.com)
Farm Frenzy 3 - Madagascar (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119205603}) (Version: - Oberon Media)
File Viewer Plus (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.2.1 - Sharpened Productions)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version: - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.79 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.41 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x64 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
NVIDIA Graphics Driver 296.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 296.97 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.13.1 - NVIDIA Corporation)
NVIDIA Update 1.7.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.13 - NVIDIA Corporation)
ODT Viewer version 1.0 (HKLM-x32\...\{CAA1B43B-7CDA-4D58-B9A3-1050C358CB2D}_is1) (Version: 1.0 - odtviewer.com)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version: - Oberon Media)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype verze 8.41 (HKLM-x32\...\Skype_is1) (Version: 8.41 - Skype Technologies S.A.)
Turbo Fiesta (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115320460}) (Version: - Oberon Media)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version: - Oberon Media)
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-01] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-06-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-12-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-04-01 03:55 - 2010-04-01 03:55 - 000221184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2012-04-16 19:41 - 2012-04-16 19:41 - 000484864 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-04-16 19:38 - 2012-04-16 19:38 - 000013824 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2012-04-16 19:42 - 2012-04-16 19:42 - 000015872 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 000195584 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 000322048 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 002603520 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 001006592 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-16 04:15 - 2011-08-16 04:15 - 000382464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-18 00:41 - 2011-08-18 00:41 - 000400384 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-16 03:23 - 2011-08-16 03:23 - 000062464 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2018-03-31 19:46 - 2010-09-11 09:51 - 000439808 _____ (Atheros) [File not signed] C:\Windows\system32\athihvs.dll
2011-05-25 08:09 - 2011-05-25 08:09 - 000227840 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2012-04-16 19:35 - 2012-04-16 19:35 - 000098304 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\configurationManager.dll
2012-04-16 19:39 - 2012-04-16 19:39 - 000224256 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\CorePersistenceAPI.dll
2012-04-16 19:36 - 2012-04-16 19:36 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\dispatcher.dll
2012-04-16 19:37 - 2012-04-16 19:37 - 000075264 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ChannelAdapter.dll
2012-04-16 19:35 - 2012-04-16 19:35 - 000019968 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\localMessage.dll
2012-04-16 19:35 - 2012-04-16 19:35 - 000030208 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\logger.dll
2012-04-16 19:35 - 2012-04-16 19:35 - 000318976 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\network.dll
2012-04-16 19:37 - 2012-04-16 19:37 - 000220160 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\orchestrator.dll
2012-04-16 19:38 - 2012-04-16 19:38 - 000623616 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\payload.dll
2012-04-16 19:38 - 2012-04-16 19:38 - 000109056 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\policyManager.dll
2012-04-16 19:35 - 2012-04-16 19:35 - 000018432 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sealing.dll
2012-04-16 19:38 - 2012-04-16 19:38 - 001489920 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\serializer.dll
2012-04-16 19:38 - 2012-04-16 19:38 - 000141824 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\systemInfo.dll
2012-04-16 19:35 - 2012-04-16 19:35 - 000125952 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\uuid.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\MSVCP140.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\MSVCP140.dll
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\ucrtbase.DLL
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\ucrtbase.DLL
2021-11-10 21:43 - 2021-11-10 21:43 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\VCRUNTIME140.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\VCRUNTIME140.dll
2021-12-03 16:18 - 2021-12-03 16:18 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\AVAST Software\Avast\defs\21120304\avast.local_vc142.crt\VCRUNTIME140_1.dll
2021-12-03 20:21 - 2021-12-03 20:21 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\AVAST Software\Avast\defs\21120308\avast.local_vc142.crt\VCRUNTIME140_1.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2011-08-16 03:23 - 2011-08-16 03:23 - 001019392 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\LIBEAY32.dll
2011-08-16 03:23 - 2011-08-16 03:23 - 000209408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3555903808-2307568763-4169163906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3555903808-2307568763-4169163906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-02-23 00:45 - 000000887 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sara\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{97A01EA2-F65D-4D33-BF50-6720A2B36627}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FBDAC69B-FD23-4E99-A655-6C8228E497F6}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{65E1DF9E-0E04-4B76-915D-76673F0A6548}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{510F287A-6787-4097-BD71-F766FBB30BF6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9BE71A03-3276-41E1-A124-A9BBD06B399F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{103225BC-123F-469C-8B81-17D1365275E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{14B3C607-0CEA-40BB-B3AD-CCAE10719897}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6E5FD3ED-28FD-4095-9C4E-187719341E71}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{6C7C0A5E-9047-4BD5-9CA5-3509524D9F6B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{13E1E513-AD1F-405A-B932-B66CF7B0CCF1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{37873ACA-35D2-4753-89B3-E82E9037A513}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C355849-7322-46F3-A461-2C6344957866}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4D83ACDB-CD9F-454E-9AF4-5447D8CDF65F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E41EB22E-E046-47B0-9115-EBAE39049217}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F89BBDD6-830C-4329-8066-35BF73754418}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AE0C5784-E642-4570-91C2-606261EEFD82}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{735F7601-015C-4541-9F66-F663A1A32EA8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7BF543CC-D1DE-42D1-A866-3C6D617B7F9C}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4F3500BC-7F0A-4746-A071-3CF9C63EEDE4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{91E1F62F-4968-437C-AAA6-856F25763030}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E9411299-06A4-45A4-B78F-C683DFB974C2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

19-06-2021 12:07:22 Naplánovaný kontrolní bod
12-07-2021 15:16:04 Naplánovaný kontrolní bod
14-07-2021 16:04:45 Windows Update
22-07-2021 19:18:14 Naplánovaný kontrolní bod
31-07-2021 11:21:20 Naplánovaný kontrolní bod
07-08-2021 23:30:58 Naplánovaný kontrolní bod
13-08-2021 18:14:09 Windows Update
23-08-2021 12:33:54 Naplánovaný kontrolní bod
07-09-2021 09:59:19 Naplánovaný kontrolní bod
15-09-2021 07:28:57 Naplánovaný kontrolní bod
16-09-2021 12:25:24 Windows Update
24-09-2021 21:07:02 Naplánovaný kontrolní bod
05-10-2021 19:03:53 Naplánovaný kontrolní bod
13-10-2021 16:27:36 Windows Update
05-11-2021 18:18:28 Naplánovaný kontrolní bod
10-11-2021 17:30:55 Windows Update
25-11-2021 05:13:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič USB (Universal Serial Bus)
Description: Řadič USB (Universal Serial Bus)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/01/2021 08:54:54 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/01/2021 08:54:54 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/01/2021 08:54:54 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/01/2021 08:54:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (12/01/2021 08:54:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/01/2021 08:54:52 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/01/2021 08:54:52 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/01/2021 08:54:52 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (12/04/2021 07:56:14 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/04/2021 12:55:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby SDRSVC bylo dosaženo časového limitu (30000 ms).

Error: (12/04/2021 12:54:40 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby UNS bylo dosaženo časového limitu (30000 ms).

Error: (12/04/2021 12:54:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby RasMan bylo dosaženo časového limitu (30000 ms).

Error: (12/01/2021 09:01:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (12/01/2021 08:54:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avast! Tools bylo dosaženo časového limitu (30000 ms).

Error: (12/01/2021 08:54:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/01/2021 08:54:54 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Windows Search ukončena s chybou %%-1073473535, specifickou pro službu.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X55VDR.300 07/24/2012
Motherboard: ASUSTeK COMPUTER INC. X55VDR
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 72%
Total physical RAM: 3983.91 MB
Available physical RAM: 1096.08 MB
Total Virtual: 8033.82 MB
Available Virtual: 4459.38 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:673.32 GB) (Free:510.35 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: () (Fixed) (Total:0 GB) (Free:0 GB)

\\?\Volume{c94f119e-f5dd-4fd9-9a47-226fdde7dfb2}\ (Recovery) (Fixed) (Total:25 GB) (Free:8.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 8DED5BA9)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PROSÍM o KONTROLU a vyčištění

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Re: PROSÍM o KONTROLU a vyčištění

#3 Příspěvek od aktij »

Tak nic k čištění tam nebylo.....

-------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-04-2021
# Duration: 00:01:04
# OS: Windows 7 Home Premium
# Scanned: 32026
# Detected: 21


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DEADTIME STORIES
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DREAM DAY FIRST HOME
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\DREAM VACATION SOLITAIRE
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\FARM FRENZY 3 - MADAGASCAR
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GALAPAGO
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GAMECONSOLE
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\GO GO GOURMET CHEF OF THE YEAR
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\PLANTS VS ZOMBIES
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\TURBO FIESTA
Preinstalled.ASUSGames Folder C:\Program Files (x86)\ASUS\GAME PARK\WORLD OF GOO
Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Preinstalled.ASUSVibe Folder C:\Program Files (x86)\ASUS\ASUSVIBE
Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Preinstalled.ASUSVibe Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\ASUS WEBSTORAGE
Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WEBSTORAGE
Preinstalled.ASUSWebStorage Registry HKLM\Software\Classes\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}
Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Preinstalled.ASUSWebStorage Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk


AdwCleaner[S00].txt - [1257 octets] - [23/02/2019 16:26:36]
AdwCleaner[S01].txt - [1318 octets] - [23/02/2019 16:27:40]
AdwCleaner[C01].txt - [1504 octets] - [23/02/2019 16:28:39]
AdwCleaner[S02].txt - [1440 octets] - [30/04/2019 17:33:11]
AdwCleaner[S03].txt - [3992 octets] - [17/01/2020 22:31:31]
AdwCleaner[S04].txt - [4053 octets] - [17/01/2020 22:32:32]
AdwCleaner[S05].txt - [4114 octets] - [17/01/2020 22:39:32]
AdwCleaner[S06].txt - [4175 octets] - [02/03/2020 21:24:02]
AdwCleaner[S07].txt - [4236 octets] - [02/03/2020 21:27:46]
AdwCleaner[S08].txt - [4377 octets] - [23/11/2020 19:05:24]
AdwCleaner[S09].txt - [4438 octets] - [23/11/2020 19:10:09]
AdwCleaner[S10].txt - [4499 octets] - [02/01/2021 16:21:27]
AdwCleaner[S11].txt - [4560 octets] - [26/02/2021 23:45:07]
AdwCleaner[S12].txt - [4620 octets] - [27/02/2021 19:53:49]
AdwCleaner[C12].txt - [2544 octets] - [27/02/2021 19:56:43]
AdwCleaner[S13].txt - [4572 octets] - [27/02/2021 20:02:16]
AdwCleaner[S14].txt - [4458 octets] - [09/03/2021 18:42:51]
AdwCleaner[S15].txt - [4519 octets] - [09/03/2021 19:34:53]
AdwCleaner[S16].txt - [4580 octets] - [30/07/2021 22:04:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S17].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PROSÍM o KONTROLU a vyčištění

#4 Příspěvek od Rudy »

Preinstalled jsou OK, jen neškodné utility ad ASUSu. Jinak v pořádku. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {85B47B03-C13F-4FF7-949E-A2F1C73736DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-03] (Google Inc -> Google Inc.)
Task: {92BFDA1A-C1E0-4DCD-889F-8F51EAD1607E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-03] (Google Inc -> Google Inc.)
U1 aswbdisk; no ImagePath
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3555903808-2307568763-4169163906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3555903808-2307568763-4169163906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Re: PROSÍM o KONTROLU a vyčištění

#5 Příspěvek od aktij »

Hotovo.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-12-2021
Ran by Sara (04-12-2021 16:40:25) Run:8
Running from C:\Users\Sara\Desktop
Loaded Profiles: UpdatusUser & Sara
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {85B47B03-C13F-4FF7-949E-A2F1C73736DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-03] (Google Inc -> Google Inc.)
Task: {92BFDA1A-C1E0-4DCD-889F-8F51EAD1607E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-03] (Google Inc -> Google Inc.)
U1 aswbdisk; no ImagePath
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3555903808-2307568763-4169163906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3555903808-2307568763-4169163906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85B47B03-C13F-4FF7-949E-A2F1C73736DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85B47B03-C13F-4FF7-949E-A2F1C73736DA}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92BFDA1A-C1E0-4DCD-889F-8F51EAD1607E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92BFDA1A-C1E0-4DCD-889F-8F51EAD1607E}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3555903808-2307568763-4169163906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5206331 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 108611 B
Edge => 0 B
Chrome => 151552 B
Firefox => 240101685 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 128 B
NetworkService => 128 B
UpdatusUser => 128 B
Sara => 3347750 B

RecycleBin => 0 B
EmptyTemp: => 237.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-12-2021 16:56:12)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 16:56:13 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PROSÍM o KONTROLU a vyčištění

#6 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Re: PROSÍM o KONTROLU a vyčištění

#7 Příspěvek od aktij »

Jeví se to lepší :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PROSÍM o KONTROLU a vyčištění

#8 Příspěvek od Rudy »

Můžete ještě defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

aktij
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 186
Registrován: 25 lis 2007 09:17
Bydliště: Praha

Re: PROSÍM o KONTROLU a vyčištění

#9 Příspěvek od aktij »

OK, zkusím to. Jinak MOC a MOC děkuji za pomoc, pošlu fiňáry na provoz :worship: :thumbsup:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: PROSÍM o KONTROLU a vyčištění

#10 Příspěvek od Rudy »

Rádo se stalo a za příspěvek děkujeme! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno