Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

mail spam

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
mill
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 11 říj 2019 14:58

mail spam

#1 Příspěvek od mill »

Dobrý deň,
prosím o kontrolu logu. Dnes mi prestalo posielať mail z Outlook, hneď napíše, že nedoručiteľné a niečo so spamom.
Vopred za pomoc ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by User (administrator) on DESKTOP-P95Q40E (ASUSTeK COMPUTER INC. N551JK) (23-09-2021 15:49:11)
Running from C:\Users\User\Desktop
Loaded Profiles: defaultuser0 & User
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <6>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Seznam.cz, a.s. -> ) C:\Users\User\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [124184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [Chromium] => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [AvastBrowserAutoLaunch_DD3B34B51295CA4CE249213732CEC2F8] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\Installer\chrmstp.exe [2021-09-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {042D4500-C367-4365-B375-D9A4CE08CAF3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {1E50FF66-B8E0-4F34-8A93-4E712E831191} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {39A51E71-D1AA-483B-8B32-9DD965D00AE7} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {4DABDBFF-A829-4259-A025-E15F46DD4FD2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF54682-F8D4-4F80-BD9A-087B98D87444} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {644B461C-F4DA-46C5-BCD8-BCE1C94A95FF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {6975DB66-C9AF-45D0-B20B-A9453B5B231E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {72B24599-B182-4161-B4EF-150A86DDEB3C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4917528 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {8C78F666-4D55-4F41-AEF8-0A3A251F4124} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9497FDE3-5F79-4F75-9D7D-6600DCF86C3E} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {BFCB5489-4ED1-4B2F-B74A-6B48FDA4961B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {CEA910B9-2AA9-430B-A8CD-8AB115304207} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D6A64115-CC87-4E74-AD85-DA2A0359CC20} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {E8EE3DE0-BB54-42D7-8F2C-612E17D72DF4} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{815a018e-e26b-4ae1-8407-2f65725776f7}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{a9c99418-d348-4f0e-8f77-a9f80205966d}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-23]
Edge DownloadDir: Default -> C:\Users\User\Downloads
Edge StartupUrls: Default -> "hxxps://google.sk/"

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-09-10] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-09-23]
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-19]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-19]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-19]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-08-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-10-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8303184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\elevation_service.exe [1436280 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-09-10] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35712 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221584 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184120 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538464 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107840 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [553496 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [31040 2014-04-29] (IPTS Alisa, OOO -> EldoS Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 15:49 - 2021-09-23 15:49 - 000021807 _____ C:\Users\User\Desktop\FRST.txt
2021-09-23 15:48 - 2021-09-23 15:48 - 000000000 ____D C:\FRST
2021-09-23 15:46 - 2021-09-23 15:46 - 002304512 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-09-22 14:11 - 2021-09-22 14:11 - 000073136 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-23.pdf
2021-09-22 14:11 - 2021-09-22 14:11 - 000049231 _____ C:\Users\User\Downloads\labels-2021-09-23.pdf
2021-09-22 10:37 - 2021-09-22 10:37 - 000071874 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-22.pdf
2021-09-22 10:36 - 2021-09-22 10:36 - 000048997 _____ C:\Users\User\Downloads\labels-2021-09-22.pdf
2021-09-21 18:10 - 2021-09-21 18:10 - 000104538 _____ C:\Users\User\Desktop\2586406023^21SK524201280285R8^^^EZ922^^_ENT_BTS_GTW_ECO_20210818_203230.pdf
2021-09-21 15:06 - 2021-09-21 15:06 - 000010995 _____ C:\Users\User\Downloads\POD_0160658-2021-09-21-1632229618143.tiff
2021-09-21 14:59 - 2021-09-21 14:59 - 000469163 _____ C:\Users\User\Desktop\RKWU 12-256_techdata.pdf
2021-09-20 12:29 - 2021-09-20 12:29 - 000244303 _____ C:\Users\User\Desktop\ds_tw9525_en_co.pdf
2021-09-19 11:26 - 2021-09-19 11:26 - 000072114 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-20.pdf
2021-09-19 11:26 - 2021-09-19 11:26 - 000049280 _____ C:\Users\User\Downloads\labels-2021-09-20.pdf
2021-09-18 17:40 - 2021-09-18 17:40 - 000094726 _____ C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons.html
2021-09-18 17:40 - 2021-09-18 17:40 - 000000000 ____D C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons_files
2021-09-17 08:44 - 2021-09-17 08:44 - 000171087 _____ C:\Users\User\Desktop\A700000007405589.pdf
2021-09-17 08:44 - 2021-09-17 08:44 - 000108541 _____ C:\Users\User\Downloads\Phaseo Easy_ABL2REM24020H.pdf
2021-09-16 18:17 - 2021-09-16 18:17 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 18:17 - 2021-09-16 18:17 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 18:17 - 2021-09-16 18:17 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-16 18:17 - 2021-09-16 18:17 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 18:17 - 2021-09-16 18:17 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-16 18:16 - 2021-09-16 18:16 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-16 18:16 - 2021-09-16 18:16 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-16 18:11 - 2021-09-16 18:11 - 000000000 ___HD C:\$WinREAgent
2021-09-16 16:56 - 2021-09-16 16:56 - 000071428 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-17.pdf
2021-09-16 16:56 - 2021-09-16 16:56 - 000049014 _____ C:\Users\User\Downloads\labels-2021-09-17.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000021695 _____ C:\Users\User\Downloads\1617291373_INV_BHX_SOT_2YU_20210914_091928.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000010788 _____ C:\Users\User\Downloads\1617291373_AWB_BHX_SOT_77B_20210914_091947.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000080621 _____ C:\Users\User\Downloads\labels-2021-09-16.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000073308 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-16.pdf
2021-09-13 13:01 - 2021-09-13 13:01 - 000155329 _____ C:\Users\User\Desktop\OrdAck13569419.pdf
2021-09-13 09:12 - 2021-09-13 09:12 - 000187234 _____ C:\Users\User\Downloads\VAS_SK_2021 (1).pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000022675 _____ C:\Users\User\Downloads\9189063726_INV_BHX_SOT_NW1_20210910_121538.pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000010832 _____ C:\Users\User\Downloads\9189063726_AWB_BHX_SOT_OH8_20210910_121507.pdf
2021-09-12 09:23 - 2021-09-12 09:23 - 007244336 _____ C:\Users\User\Downloads\1. Podávanie liekov.pptx
2021-09-10 14:47 - 2021-09-10 14:47 - 000011838 _____ C:\Users\User\Downloads\POD_0160658-2021-09-03-1631278022996.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000010183 _____ C:\Users\User\Downloads\POD_0160653-2021-09-07-1631277997090.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000009395 _____ C:\Users\User\Downloads\POD_0160653-2021-09-03-1631278010530.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000013221 _____ C:\Users\User\Downloads\POD_0160658-2021-09-10-1631277859051.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000009720 _____ C:\Users\User\Downloads\POD_0160654-2021-09-10-1631277842086.tiff
2021-09-10 14:43 - 2021-09-10 14:43 - 000008974 _____ C:\Users\User\Downloads\POD_0160651-2021-09-10-1631277790101.tiff
2021-09-10 10:02 - 2021-09-10 10:02 - 002024691 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p1-2021-09-10-08-02.pdf
2021-09-10 10:00 - 2021-09-10 10:00 - 002022102 _____ C:\Users\User\Downloads\azazm-200-b30-rtag1p1-2021-09-10-08-00.pdf
2021-09-10 09:59 - 2021-09-10 09:59 - 000580874 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p20-2021-09-10-07-59.pdf
2021-09-10 09:30 - 2021-09-10 09:30 - 001371460 _____ C:\Users\User\Downloads\azm-200sk-t-1p2pwa-2021-09-10-07-30.pdf
2021-09-10 09:22 - 2021-09-10 09:22 - 000168100 _____ C:\Users\User\Desktop\Qte13559915.pdf
2021-09-09 17:49 - 2021-09-09 17:49 - 000122373 _____ C:\Users\User\Desktop\Detail platby v PDF.pdf
2021-09-09 16:47 - 2021-09-09 16:47 - 000510970 _____ C:\Users\User\Desktop\Credit Application UK.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000111836 _____ C:\Users\User\Downloads\labels-2021-09-09.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000073067 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-09.pdf
2021-09-09 13:23 - 2021-09-09 13:23 - 000277882 _____ C:\Users\User\Desktop\edb_6814020_ces_cz.pdf
2021-09-09 13:23 - 2021-09-09 13:23 - 000277856 _____ C:\Users\User\Desktop\edb_6814034_ces_cz.pdf
2021-09-09 10:10 - 2021-09-09 10:10 - 000326602 _____ C:\Users\User\Desktop\Ponuka1211002343.pdf
2021-09-09 10:07 - 2021-09-09 10:07 - 000033570 _____ C:\Users\User\Desktop\Dobropis_Strojal.pdf
2021-09-08 20:13 - 2021-09-08 20:13 - 000161092 _____ C:\Users\User\Desktop\OrdAck13555639.pdf
2021-09-07 15:05 - 2021-09-07 15:05 - 001237992 _____ C:\Users\User\Desktop\RE18325-90.pdf
2021-09-07 15:05 - 2021-09-07 15:05 - 000432073 _____ C:\Users\User\Desktop\D36_OD15X17YZ_RE18323-34.pdf
2021-09-07 12:45 - 2021-09-07 12:45 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-07 12:45 - 2021-09-07 12:45 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-06 15:38 - 2021-09-06 15:38 - 000072099 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-06.pdf
2021-09-06 15:38 - 2021-09-06 15:38 - 000049283 _____ C:\Users\User\Downloads\labels-2021-09-06.pdf
2021-09-06 14:31 - 2021-09-06 14:31 - 000309224 _____ C:\Users\User\Desktop\211604.pdf
2021-09-06 08:20 - 2021-09-06 08:20 - 000207776 _____ C:\Users\User\Downloads\Gavazzi_2019-2020.xlsx
2021-09-05 19:18 - 2021-09-05 19:18 - 000022283 _____ C:\Users\User\Downloads\document (19).pdf
2021-09-03 09:21 - 2021-09-03 09:21 - 002538281 _____ C:\Users\User\Downloads\Data_Sheet_CP70QXVT80_EN.PDF
2021-09-03 09:08 - 2021-09-03 09:08 - 000453701 _____ C:\Users\User\Downloads\Data_Sheet_ZAS89R602_EN.PDF
2021-09-02 14:16 - 2021-09-02 14:16 - 000171970 _____ C:\Users\User\Downloads\Usmernenie-pre-rodičov-platba-ŠJ-(1).pdf
2021-09-02 13:08 - 2021-09-02 13:08 - 000072015 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-02.pdf
2021-09-02 13:06 - 2021-09-02 13:06 - 000080576 _____ C:\Users\User\Downloads\labels-2021-09-02.pdf
2021-09-02 11:41 - 2021-09-02 11:41 - 000551043 _____ C:\Users\User\Desktop\Lek_potvrdenie.pdf
2021-09-01 17:47 - 2021-09-01 17:47 - 001024942 _____ C:\Users\User\Desktop\bezpríznakovosť.pdf
2021-09-01 17:45 - 2021-09-01 17:45 - 000406141 _____ C:\Users\User\Desktop\bezinfekčnosť.pdf
2021-08-31 19:43 - 2021-08-31 19:43 - 000022211 _____ C:\Users\User\Downloads\document (18).pdf
2021-08-31 19:41 - 2021-08-31 19:41 - 000022271 _____ C:\Users\User\Downloads\document (17).pdf
2021-08-27 13:57 - 2021-08-27 13:57 - 001074246 _____ C:\Users\User\Desktop\lkl.bmp
2021-08-26 13:31 - 2021-08-26 13:32 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560.pdf
2021-08-26 13:31 - 2021-08-26 13:31 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560 (1).pdf
2021-08-25 20:06 - 2021-08-25 20:06 - 000072292 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-26.pdf
2021-08-25 20:05 - 2021-08-25 20:05 - 000046483 _____ C:\Users\User\Downloads\labels-2021-08-26.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000080530 _____ C:\Users\User\Downloads\labels-2021-08-24.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000072956 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-24.pdf
2021-08-24 10:44 - 2021-08-24 10:45 - 001606334 _____ C:\Users\User\Downloads\Vyhlásenie.pdf
2021-08-24 10:40 - 2021-08-24 10:40 - 001606334 _____ C:\Users\User\Desktop\Vyhlásenie.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 15:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-23 15:43 - 2018-12-17 13:35 - 000000000 ____D C:\Users\User\Documents\Súbory programu Outlook
2021-09-23 15:39 - 2018-12-19 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-23 15:38 - 2019-12-28 10:58 - 000000000 ____D C:\Users\User\AppData\Roaming\Seznam.cz
2021-09-23 15:37 - 2020-08-10 23:41 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-23 15:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-23 15:33 - 2020-08-10 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-23 15:33 - 2020-08-10 23:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-23 15:33 - 2020-08-10 23:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-23 15:33 - 2018-12-17 12:55 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-09-23 15:33 - 2018-12-14 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-23 15:33 - 2018-12-14 13:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-09-23 15:33 - 2018-12-14 13:49 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2021-09-23 15:10 - 2020-02-14 12:12 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-23 15:10 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-22 13:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-22 13:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-21 12:36 - 2018-12-14 14:39 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2021-09-21 08:29 - 2020-08-10 23:42 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-720725377-2809074183-169206472-1001
2021-09-21 08:29 - 2020-08-10 23:36 - 000002364 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-20 17:51 - 2020-03-24 17:55 - 000000000 ____D C:\Users\User\Desktop\Bazos
2021-09-20 14:17 - 2021-05-03 10:11 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-09-20 14:17 - 2021-05-03 10:11 - 000002475 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-09-20 10:26 - 2020-02-04 17:52 - 000000000 ____D C:\Users\User\Desktop\Rozvoz
2021-09-19 16:02 - 2020-08-10 23:42 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-18 18:55 - 2020-08-10 23:42 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-18 18:55 - 2020-08-10 23:42 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000002712 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Photosmart 5510 series
2021-09-18 18:55 - 2020-08-10 23:42 - 000002346 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2021-09-18 18:55 - 2020-08-10 23:42 - 000002288 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2021-09-18 18:55 - 2020-08-10 23:42 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-09-18 18:55 - 2020-08-10 23:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-18 17:26 - 2020-06-05 17:39 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 17:26 - 2020-06-05 17:39 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-16 20:35 - 2020-08-10 23:35 - 000346800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-16 20:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-16 18:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 20:06 - 2018-12-17 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 20:05 - 2018-12-17 13:25 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 12:15 - 2019-10-16 09:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-11 11:49 - 2021-01-24 21:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-07 12:46 - 2020-02-14 12:15 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-07 12:45 - 2020-10-22 07:48 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-07 12:45 - 2020-04-21 10:13 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000035712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-07 12:45 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by User (23-09-2021 15:50:56)
Running from C:\Users\User\Desktop
Windows 10 Home Version 21H1 19043.1237 (X64) (2020-08-10 21:42:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-720725377-2809074183-169206472-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-720725377-2809074183-169206472-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-720725377-2809074183-169206472-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-720725377-2809074183-169206472-501 - Limited - Disabled)
User (S-1-5-21-720725377-2809074183-169206472-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-720725377-2809074183-169206472-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.7.2481 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 93.0.11965.83 - Autori prehliadača Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balík softvéru eID (HKLM-x32\...\{69aff1f0-e530-4ac2-ab4f-88cb85aef940}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
CDRoller (HKLM-x32\...\CDRoller_is1) (Version: 11.50 - Digital Atlantic Corp.)
CEWE fotosvet (HKLM-x32\...\CEWE fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
DiskInternals CD-DVD Recovery (HKLM-x32\...\DiskInternals CD-DVD Recovery) (Version: 4.5 - DiskInternals Research)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{CBB98874-7884-4CC1-A78C-CB53C62BC77B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Office 2013 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 15.0.5381.1000 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
STORMWARE POHODA SK Standard (HKLM-x32\...\{1D355597-5580-45FC-8420-31E44A009682}) (Version: 12000.158 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.627 - McAfee, LLC)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-10] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.8.33.0_x86__kgqvnymyfvs32 [2021-08-29] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.202.400.0_x86__kgqvnymyfvs32 [2021-09-16] (king.com)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Studios)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-12-17] (Plex)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-720725377-2809074183-169206472-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4-x32: [DiskInternals_cd_recovery] -> {6DD33479-D4D0-4666-93C8-F6DC46668518} => C:\Program Files (x86)\DiskInternals\CD and DVD Recovery\contmenu.dll [2005-01-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-720725377-2809074183-169206472-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {07CC2C80-EC94-4742-8933-59C58BAC5D7D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {09097C45-AE3A-4C75-8ED1-61B091490783} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {29050AAB-F362-41C5-B4A9-566A71068A8D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {4446F04B-5B74-4C83-A913-295EC60DF418} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {63869A10-1D38-4907-87F1-D0565B32A3C6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {C704FA26-A3AA-42F4-BC70-B5C74696422E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {D59B135F-CDA0-4D85-84A1-9434A4B852DA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA2E8D7F-3A8C-499F-87CB-7753D886B789} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA9A2917-1EA5-4F54-A174-E58EA960A1B0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_40139
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-720725377-2809074183-169206472-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-720725377-2809074183-169206472-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D2AEA163-061F-4730-900C-9CFBD03BC44A}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe => No File
FirewallRules: [TCP Query User{A507C8F4-12ED-4290-958E-85A5213AE488}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe => No File
FirewallRules: [UDP Query User{FCED5183-176C-4180-A30E-C134B427F6E4}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe => No File
FirewallRules: [TCP Query User{CD13DE40-DE65-4ABB-9431-AAF3AC4C52C6}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe => No File
FirewallRules: [{033914AF-C17A-4B4C-B588-8740696A01CA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5A13DA7-7529-415E-A474-8BDAA6C6ED54}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A1E77817-3C1C-4859-89F0-9FBDACAA9C13}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6D153755-796C-4C98-AEC9-977AF9610A2D}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F73D0507-0D19-4182-BCE9-5C7524E3F205}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2638669F-8FE8-4F19-953C-9CAB0C6A9E4F}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{F93E3208-3813-4248-BED5-7E7A8C6E842D}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{DE575959-ECF1-4FA3-A255-5DC82D5E953D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC77456E-6934-4129-932D-D8D05FB4507E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6709F241-CB7F-41A2-A14C-39FF6906861C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99861707-BE79-4134-A607-A29EFC0055E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5959957-49C2-4199-BF5F-94225F4EF71A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{808FDF2C-58EF-4005-B5AA-2205D47BE4D8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C3C2ED0A-D394-4045-80A5-6EF6D0E8E3D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{97FAD512-82BD-4ED8-9474-65913BF698D8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

16-09-2021 18:11:00 Inštalátor modulov systému Windows
16-09-2021 18:12:28 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/23/2021 03:37:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 03:37:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 03:33:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/22/2021 02:37:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data2 (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (09/22/2021 02:37:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data1 (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (09/18/2021 05:25:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/16/2021 08:43:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/16/2021 08:42:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (09/23/2021 03:33:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 15:10:30 on ‎23. ‎9. ‎2021 was unexpected.

Error: (09/19/2021 07:05:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:40 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/17/2021 12:41:55 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.


CodeIntegrity:
===============
Date: 2021-09-23 15:35:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-23 15:34:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. N551JK.203 10/06/2014
Motherboard: ASUSTeK COMPUTER INC. N551JK
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 16266.93 MB
Available physical RAM: 11120.45 MB
Total Virtual: 18698.93 MB
Available Virtual: 13607.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.43 GB) (Free:345.37 GB) NTFS
Drive d: (Data1) (Fixed) (Total:465.75 GB) (Free:443.18 GB) NTFS
Drive e: (Data2) (Fixed) (Total:465.76 GB) (Free:218.94 GB) NTFS

\\?\Volume{4e1157a8-8a06-4776-82eb-99e719e120c7}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{b2c9be00-b7a9-4eab-85b4-06dc756f4ba2}\ () (Fixed) (Total:0.77 GB) (Free:0.3 GB) NTFS
\\?\Volume{b7f18c1f-27d0-4ff3-94a5-d67868496981}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0AA68AE5)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: mail spam

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

mill
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 11 říj 2019 14:58

Re: mail spam

#3 Příspěvek od mill »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-23-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\User\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2693 octets] - [23/09/2021 17:09:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: mail spam

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

mill
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 11 říj 2019 14:58

Re: mail spam

#5 Příspěvek od mill »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by User (administrator) on DESKTOP-P95Q40E (ASUSTeK COMPUTER INC. N551JK) (23-09-2021 17:55:01)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [Chromium] => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\Installer\chrmstp.exe [2021-09-20] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series.lnk [2021-09-23]
ShortcutAndArgument: Monitor Ink Alerts - HP Photosmart 5510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2293547L05V3;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {042D4500-C367-4365-B375-D9A4CE08CAF3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {1983221E-9AA5-417F-813D-55473311DF86} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4929304 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
Task: {1E50FF66-B8E0-4F34-8A93-4E712E831191} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {39A51E71-D1AA-483B-8B32-9DD965D00AE7} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {4DABDBFF-A829-4259-A025-E15F46DD4FD2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF54682-F8D4-4F80-BD9A-087B98D87444} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {644B461C-F4DA-46C5-BCD8-BCE1C94A95FF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {6975DB66-C9AF-45D0-B20B-A9453B5B231E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {8C78F666-4D55-4F41-AEF8-0A3A251F4124} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9497FDE3-5F79-4F75-9D7D-6600DCF86C3E} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {BFCB5489-4ED1-4B2F-B74A-6B48FDA4961B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {CEA910B9-2AA9-430B-A8CD-8AB115304207} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D6A64115-CC87-4E74-AD85-DA2A0359CC20} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {E8EE3DE0-BB54-42D7-8F2C-612E17D72DF4} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{815a018e-e26b-4ae1-8407-2f65725776f7}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{a9c99418-d348-4f0e-8f77-a9f80205966d}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-23]
Edge DownloadDir: Default -> C:\Users\User\Downloads
Edge StartupUrls: Default -> "hxxps://google.sk/"

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-09-10] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-09-23]
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"

CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-19]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-19]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-19]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-08-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-23]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8323664 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\elevation_service.exe [1436280 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-09-10] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221600 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369176 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250408 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99368 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41368 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538480 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107864 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851712 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557152 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [31040 2014-04-29] (IPTS Alisa, OOO -> EldoS Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 17:31 - 2021-09-23 17:31 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-23 17:31 - 2021-09-23 17:31 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-23 17:09 - 2021-09-23 17:10 - 000000000 ____D C:\AdwCleaner
2021-09-23 17:07 - 2021-09-23 17:07 - 008553680 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner_8.3.0.exe
2021-09-23 15:50 - 2021-09-23 15:52 - 000024218 _____ C:\Users\User\Desktop\Addition.txt
2021-09-23 15:49 - 2021-09-23 17:55 - 000021200 _____ C:\Users\User\Desktop\FRST.txt
2021-09-23 15:48 - 2021-09-23 17:55 - 000000000 ____D C:\FRST
2021-09-23 15:46 - 2021-09-23 15:46 - 002304512 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-09-22 14:11 - 2021-09-22 14:11 - 000073136 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-23.pdf
2021-09-22 14:11 - 2021-09-22 14:11 - 000049231 _____ C:\Users\User\Downloads\labels-2021-09-23.pdf
2021-09-22 10:37 - 2021-09-22 10:37 - 000071874 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-22.pdf
2021-09-22 10:36 - 2021-09-22 10:36 - 000048997 _____ C:\Users\User\Downloads\labels-2021-09-22.pdf
2021-09-21 15:06 - 2021-09-21 15:06 - 000010995 _____ C:\Users\User\Downloads\POD_0160658-2021-09-21-1632229618143.tiff
2021-09-19 11:26 - 2021-09-19 11:26 - 000072114 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-20.pdf
2021-09-19 11:26 - 2021-09-19 11:26 - 000049280 _____ C:\Users\User\Downloads\labels-2021-09-20.pdf
2021-09-18 17:40 - 2021-09-18 17:40 - 000094726 _____ C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons.html
2021-09-18 17:40 - 2021-09-18 17:40 - 000000000 ____D C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons_files
2021-09-17 08:44 - 2021-09-17 08:44 - 000108541 _____ C:\Users\User\Downloads\Phaseo Easy_ABL2REM24020H.pdf
2021-09-16 18:17 - 2021-09-16 18:17 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 18:17 - 2021-09-16 18:17 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 18:17 - 2021-09-16 18:17 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-16 18:17 - 2021-09-16 18:17 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 18:17 - 2021-09-16 18:17 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-16 18:16 - 2021-09-16 18:16 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-16 18:16 - 2021-09-16 18:16 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-16 18:11 - 2021-09-16 18:11 - 000000000 ___HD C:\$WinREAgent
2021-09-16 16:56 - 2021-09-16 16:56 - 000071428 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-17.pdf
2021-09-16 16:56 - 2021-09-16 16:56 - 000049014 _____ C:\Users\User\Downloads\labels-2021-09-17.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000021695 _____ C:\Users\User\Downloads\1617291373_INV_BHX_SOT_2YU_20210914_091928.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000010788 _____ C:\Users\User\Downloads\1617291373_AWB_BHX_SOT_77B_20210914_091947.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000080621 _____ C:\Users\User\Downloads\labels-2021-09-16.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000073308 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-16.pdf
2021-09-13 09:12 - 2021-09-13 09:12 - 000187234 _____ C:\Users\User\Downloads\VAS_SK_2021 (1).pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000022675 _____ C:\Users\User\Downloads\9189063726_INV_BHX_SOT_NW1_20210910_121538.pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000010832 _____ C:\Users\User\Downloads\9189063726_AWB_BHX_SOT_OH8_20210910_121507.pdf
2021-09-12 09:23 - 2021-09-12 09:23 - 007244336 _____ C:\Users\User\Downloads\1. Podávanie liekov.pptx
2021-09-10 14:47 - 2021-09-10 14:47 - 000011838 _____ C:\Users\User\Downloads\POD_0160658-2021-09-03-1631278022996.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000010183 _____ C:\Users\User\Downloads\POD_0160653-2021-09-07-1631277997090.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000009395 _____ C:\Users\User\Downloads\POD_0160653-2021-09-03-1631278010530.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000013221 _____ C:\Users\User\Downloads\POD_0160658-2021-09-10-1631277859051.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000009720 _____ C:\Users\User\Downloads\POD_0160654-2021-09-10-1631277842086.tiff
2021-09-10 14:43 - 2021-09-10 14:43 - 000008974 _____ C:\Users\User\Downloads\POD_0160651-2021-09-10-1631277790101.tiff
2021-09-10 10:02 - 2021-09-10 10:02 - 002024691 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p1-2021-09-10-08-02.pdf
2021-09-10 10:00 - 2021-09-10 10:00 - 002022102 _____ C:\Users\User\Downloads\azazm-200-b30-rtag1p1-2021-09-10-08-00.pdf
2021-09-10 09:59 - 2021-09-10 09:59 - 000580874 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p20-2021-09-10-07-59.pdf
2021-09-10 09:30 - 2021-09-10 09:30 - 001371460 _____ C:\Users\User\Downloads\azm-200sk-t-1p2pwa-2021-09-10-07-30.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000111836 _____ C:\Users\User\Downloads\labels-2021-09-09.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000073067 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-09.pdf
2021-09-06 15:38 - 2021-09-06 15:38 - 000072099 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-06.pdf
2021-09-06 15:38 - 2021-09-06 15:38 - 000049283 _____ C:\Users\User\Downloads\labels-2021-09-06.pdf
2021-09-06 08:20 - 2021-09-06 08:20 - 000207776 _____ C:\Users\User\Downloads\Gavazzi_2019-2020.xlsx
2021-09-05 19:18 - 2021-09-05 19:18 - 000022283 _____ C:\Users\User\Downloads\document (19).pdf
2021-09-03 09:21 - 2021-09-03 09:21 - 002538281 _____ C:\Users\User\Downloads\Data_Sheet_CP70QXVT80_EN.PDF
2021-09-03 09:08 - 2021-09-03 09:08 - 000453701 _____ C:\Users\User\Downloads\Data_Sheet_ZAS89R602_EN.PDF
2021-09-02 14:16 - 2021-09-02 14:16 - 000171970 _____ C:\Users\User\Downloads\Usmernenie-pre-rodičov-platba-ŠJ-(1).pdf
2021-09-02 13:08 - 2021-09-02 13:08 - 000072015 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-02.pdf
2021-09-02 13:06 - 2021-09-02 13:06 - 000080576 _____ C:\Users\User\Downloads\labels-2021-09-02.pdf
2021-08-31 19:43 - 2021-08-31 19:43 - 000022211 _____ C:\Users\User\Downloads\document (18).pdf
2021-08-31 19:41 - 2021-08-31 19:41 - 000022271 _____ C:\Users\User\Downloads\document (17).pdf
2021-08-26 13:31 - 2021-08-26 13:32 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560.pdf
2021-08-26 13:31 - 2021-08-26 13:31 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560 (1).pdf
2021-08-25 20:06 - 2021-08-25 20:06 - 000072292 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-26.pdf
2021-08-25 20:05 - 2021-08-25 20:05 - 000046483 _____ C:\Users\User\Downloads\labels-2021-08-26.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000080530 _____ C:\Users\User\Downloads\labels-2021-08-24.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000072956 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-24.pdf
2021-08-24 10:44 - 2021-08-24 10:45 - 001606334 _____ C:\Users\User\Downloads\Vyhlásenie.pdf
2021-08-24 10:40 - 2021-08-24 10:40 - 001606334 _____ C:\Users\User\Desktop\Vyhlásenie.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 17:50 - 2018-12-17 13:35 - 000000000 ____D C:\Users\User\Documents\Súbory programu Outlook
2021-09-23 17:40 - 2020-08-10 23:41 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-23 17:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-23 17:39 - 2018-12-19 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-23 17:33 - 2020-02-14 12:12 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-23 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-23 17:32 - 2020-08-10 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-23 17:32 - 2020-08-10 23:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-23 17:32 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-23 17:32 - 2018-12-14 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-23 17:32 - 2018-12-14 13:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-09-23 17:32 - 2018-12-14 13:49 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2021-09-23 17:31 - 2021-05-28 08:59 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-09-23 17:31 - 2020-10-22 07:48 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-23 17:31 - 2020-08-10 23:42 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-23 17:31 - 2020-04-21 10:13 - 000538480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000851712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000557152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000369176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000250408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000221600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000107864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000099368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000041368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-23 17:31 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-23 17:10 - 2018-12-14 13:51 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-09-23 17:05 - 2020-08-10 23:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-23 16:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-23 16:28 - 2021-08-17 09:42 - 000000000 ____D C:\WINDOWS\Minidump
2021-09-23 16:28 - 2020-08-09 17:49 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-23 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-23 16:28 - 2019-05-07 12:41 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2021-09-23 16:28 - 2018-12-17 18:57 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2021-09-23 16:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-23 15:33 - 2018-12-17 12:55 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-09-21 12:36 - 2018-12-14 14:39 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2021-09-21 08:29 - 2020-08-10 23:42 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-720725377-2809074183-169206472-1001
2021-09-21 08:29 - 2020-08-10 23:36 - 000002364 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-20 14:17 - 2021-05-03 10:11 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-09-20 14:17 - 2021-05-03 10:11 - 000002475 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-09-20 10:26 - 2020-02-04 17:52 - 000000000 ____D C:\Users\User\Desktop\Rozvoz
2021-09-18 18:55 - 2020-08-10 23:42 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-18 18:55 - 2020-08-10 23:42 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000002712 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Photosmart 5510 series
2021-09-18 18:55 - 2020-08-10 23:42 - 000002346 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2021-09-18 18:55 - 2020-08-10 23:42 - 000002288 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2021-09-18 18:55 - 2020-08-10 23:42 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-09-18 18:55 - 2020-08-10 23:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-18 17:26 - 2020-06-05 17:39 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 17:26 - 2020-06-05 17:39 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-16 20:35 - 2020-08-10 23:35 - 000346800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-16 20:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-16 18:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 20:06 - 2018-12-17 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 20:05 - 2018-12-17 13:25 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 12:15 - 2019-10-16 09:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-11 11:49 - 2021-01-24 21:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by User (23-09-2021 17:56:08)
Running from C:\Users\User\Desktop
Windows 10 Home Version 21H1 19043.1237 (X64) (2020-08-10 21:42:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-720725377-2809074183-169206472-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-720725377-2809074183-169206472-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-720725377-2809074183-169206472-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-720725377-2809074183-169206472-501 - Limited - Disabled)
User (S-1-5-21-720725377-2809074183-169206472-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-720725377-2809074183-169206472-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.8.2487 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 93.0.11965.83 - Autori prehliadača Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balík softvéru eID (HKLM-x32\...\{69aff1f0-e530-4ac2-ab4f-88cb85aef940}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
CDRoller (HKLM-x32\...\CDRoller_is1) (Version: 11.50 - Digital Atlantic Corp.)
CEWE fotosvet (HKLM-x32\...\CEWE fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
DiskInternals CD-DVD Recovery (HKLM-x32\...\DiskInternals CD-DVD Recovery) (Version: 4.5 - DiskInternals Research)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{CBB98874-7884-4CC1-A78C-CB53C62BC77B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Office 2013 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 15.0.5381.1000 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
STORMWARE POHODA SK Standard (HKLM-x32\...\{1D355597-5580-45FC-8420-31E44A009682}) (Version: 12000.158 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.627 - McAfee, LLC)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-10] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.8.33.0_x86__kgqvnymyfvs32 [2021-08-29] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.202.400.0_x86__kgqvnymyfvs32 [2021-09-16] (king.com)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Studios)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-12-17] (Plex)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4-x32: [DiskInternals_cd_recovery] -> {6DD33479-D4D0-4666-93C8-F6DC46668518} => C:\Program Files (x86)\DiskInternals\CD and DVD Recovery\contmenu.dll [2005-01-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-720725377-2809074183-169206472-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {07CC2C80-EC94-4742-8933-59C58BAC5D7D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {09097C45-AE3A-4C75-8ED1-61B091490783} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {29050AAB-F362-41C5-B4A9-566A71068A8D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {4446F04B-5B74-4C83-A913-295EC60DF418} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {63869A10-1D38-4907-87F1-D0565B32A3C6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {C704FA26-A3AA-42F4-BC70-B5C74696422E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {D59B135F-CDA0-4D85-84A1-9434A4B852DA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA2E8D7F-3A8C-499F-87CB-7753D886B789} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA9A2917-1EA5-4F54-A174-E58EA960A1B0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_40139
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-720725377-2809074183-169206472-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-720725377-2809074183-169206472-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{033914AF-C17A-4B4C-B588-8740696A01CA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5A13DA7-7529-415E-A474-8BDAA6C6ED54}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A1E77817-3C1C-4859-89F0-9FBDACAA9C13}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6D153755-796C-4C98-AEC9-977AF9610A2D}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F73D0507-0D19-4182-BCE9-5C7524E3F205}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DE575959-ECF1-4FA3-A255-5DC82D5E953D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC77456E-6934-4129-932D-D8D05FB4507E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6709F241-CB7F-41A2-A14C-39FF6906861C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99861707-BE79-4134-A607-A29EFC0055E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5959957-49C2-4199-BF5F-94225F4EF71A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{808FDF2C-58EF-4005-B5AA-2205D47BE4D8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C3C2ED0A-D394-4045-80A5-6EF6D0E8E3D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{97FAD512-82BD-4ED8-9474-65913BF698D8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14D09AC3-132B-47CE-8B8E-88DE1425F417}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{76C44622-5CC3-468A-A0F5-B6C687D7801A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

16-09-2021 18:11:00 Inštalátor modulov systému Windows
16-09-2021 18:12:28 Inštalátor modulov systému Windows
23-09-2021 17:10:25 AdwCleaner_BeforeCleaning_23/09/2021_17:10:24

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/23/2021 05:40:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:40:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:33:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2021 05:20:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:20:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:14:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2021 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Klikni a spusti balíka Microsoft Office sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/23/2021 04:32:01 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-P95Q40E)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


CodeIntegrity:
===============
Date: 2021-09-23 17:54:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-23 17:39:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-23 17:34:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. N551JK.203 10/06/2014
Motherboard: ASUSTeK COMPUTER INC. N551JK
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 25%
Total physical RAM: 16266.93 MB
Available physical RAM: 12199.14 MB
Total Virtual: 18698.93 MB
Available Virtual: 14750.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.43 GB) (Free:348.21 GB) NTFS
Drive d: (Data1) (Fixed) (Total:465.75 GB) (Free:443.04 GB) NTFS
Drive e: (Data2) (Fixed) (Total:465.76 GB) (Free:218.94 GB) NTFS

\\?\Volume{4e1157a8-8a06-4776-82eb-99e719e120c7}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{b2c9be00-b7a9-4eab-85b4-06dc756f4ba2}\ () (Fixed) (Total:0.77 GB) (Free:0.3 GB) NTFS
\\?\Volume{b7f18c1f-27d0-4ff3-94a5-d67868496981}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0AA68AE5)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: mail spam

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Uložte do C:\Users\User\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

mill
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 11 říj 2019 14:58

Re: mail spam

#7 Příspěvek od mill »

Nič sa neobjavilo, ale je to asi toto:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by User (23-09-2021 19:27:50) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: defaultuser0 & User
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f8af7b5-41f0-11ea-8ebb-4851b7138719} => removed successfully
HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c501eeb5-559c-11eb-8edb-7824afcb1eb9} => removed successfully
HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c501f0dd-559c-11eb-8edb-7824afcb1eb9} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05D7FB9E-83B3-406D-8685-79CB895FE705}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05D7FB9E-83B3-406D-8685-79CB895FE705}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48750B08-421E-46D6-A82B-5C2FD5AC10C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48750B08-421E-46D6-A82B-5C2FD5AC10C6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11693132 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 802730 B
Edge => 4096 B
Chrome => 299008 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14448 B
NetworkService => 17406 B
defaultuser0 => 17406 B
User => 8004031 B

RecycleBin => 0 B
EmptyTemp: => 21.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:28:00 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: mail spam

#8 Příspěvek od Rudy »

Ano, je to ono. Bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

mill
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 11 říj 2019 14:58

Re: mail spam

#9 Příspěvek od mill »

Zmena v tom mojom probléme ani nie, ale zistil som medzičasom, že problém robí AVAST, keď ho vypnem tak ten mail funguje. Asi budú musieť spraviť nejakú aktualizáciu...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: mail spam

#10 Příspěvek od Rudy »

Ano, i Avast to můžr způsobovat. Je to ale problém jeho nastavení, i když musím uznat, že mít aktuální verzi je ve vašem zájmu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

mill
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 11 říj 2019 14:58

Re: mail spam

#11 Příspěvek od mill »

No to mam najnovsie aktualizacie.A čo mam teraz teda este?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: mail spam

#12 Příspěvek od Rudy »

Zkuste se podívat na Avast fórum. Myslím, že jde o problém nastvení: https://forum.avast.com/index.php?topic=127789.0 . Toto je problém, který se vztahuje k danému produktu Avast.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

mill
Návštěvník
Návštěvník
Příspěvky: 43
Registrován: 11 říj 2019 14:58

Re: mail spam

#13 Příspěvek od mill »

Už sa s tým nejak popasujem. Ešte otázka, aký by ste odporučili zadarmo antivírus, teda okrem Avastu?
A ešte čo s tým FRST a ADW na ploche a inde?
Ďakujem.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: mail spam

#14 Příspěvek od Rudy »

Mohu doporučit Aviru: https://www.avira.com/en/free-antivirus-windows . Má jen tu nevíhodu, že nemá českou (slovenskou) verzi. Jinak je to spolehlivý AV. FRST (a vše, co vytvořil) normálně smažte a ADW spusťte, přejděte na nastavení, srolujte až dolů a klikněte na "Odstranit". Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět