Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Filis
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 21 čer 2005 11:18

Preventivka

#1 Příspěvek od Filis »

Prosím o kontrolu

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2021
Ran by Filip (22-01-2021 20:32:26)
Running from C:\Users\Filip\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2019-09-22 13:52:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3054716200-2897486703-4280449553-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3054716200-2897486703-4280449553-503 - Limited - Disabled)
Filip (S-1-5-21-3054716200-2897486703-4280449553-1001 - Administrator - Enabled) => C:\Users\Filip
Guest (S-1-5-21-3054716200-2897486703-4280449553-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3054716200-2897486703-4280449553-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 87.0.7478.89 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.0.690 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.690 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit Keys (HKLM\...\{69D1C50E-6E4D-416D-A632-875EB3C5EF8A}) (Version: 18.1.690 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - BR (HKLM-x32\...\{1E6087A4-1715-4B43-9090-A3B1EFD55EF8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Capture (HKLM-x32\...\{32398CCC-C644-487E-B22B-58AE0BE0C7AE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Common (HKLM-x32\...\{796CC87C-5679-49D6-9054-FC56B9232A9A}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Connect (HKLM-x32\...\{4454CFA8-C64D-4E4A-A085-18B16E0B8BB9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Custom Data (HKLM-x32\...\{9D72E2C7-CD9C-455C-A0DB-B4D3F7B5B9B1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - CZ (HKLM-x32\...\{FD293F31-2661-4721-BF74-6375EA0CC693}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - DrawHome (HKLM-x32\...\{D1444571-9830-4967-A029-903551A49894}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - EN (HKLM-x32\...\{14F44A6C-3096-4C3F-9039-20741B443EC9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - ES (HKLM-x32\...\{448BF8BB-3961-4A6F-80E3-B65B218DFC47}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Filters (HKLM-x32\...\{289F11C5-B482-42B6-8CA8-FF7502E34A52}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - FR (HKLM-x32\...\{A850C65E-8029-4BBD-9DF8-2A178C51C4EB}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM (HKLM-x32\...\{C4DF8B81-6925-4D29-8204-933667E127B4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM Content (HKLM-x32\...\{0EC6F0EB-64A9-4A69-B8A2-7CB0779CA7A0}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IT (HKLM-x32\...\{C64347EA-C44C-4A4D-81BC-19EBDD6E8743}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - NL (HKLM-x32\...\{42FCF1AB-3A84-4AAE-9B0D-8550A803F8F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PL (HKLM-x32\...\{490919E0-2440-4362-BA75-D6350F7A1AEF}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PPHome (HKLM-x32\...\{04BBF42B-CCEC-44C6-8DE1-9B3F3ECB6181}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Redist (HKLM-x32\...\{F6B3E5CE-2DCD-4663-9A21-B00872AE17D9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - RU (HKLM-x32\...\{A1F3007B-B716-40C4-9F3C-C81A77926EDE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Setup Files (HKLM-x32\...\{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VBA (HKLM-x32\...\{6268A84D-604F-4085-ADB1-634FCE8BA965}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VideoBrowser (HKLM-x32\...\{A5E75F35-0DFB-4F1F-BB1E-C8B2B2F3B4BA}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Writing Tools (HKLM-x32\...\{7135E09C-980F-4373-B211-04B05C996113}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\_{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1.0.690 - Corel Corporation)
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\{05718EEC-DE09-454E-9D62-3152254742F1}) (Version: 18.1 - Corel Corporation) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fritz 16 64-bit (HKLM\...\{330C747E-F4EA-4896-BE96-73F3A76690C5}) (Version: 16.12.0.0 - ChessBase)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7812 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.13.594 - Your Company Name) Hidden
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.18 - Lenovo)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3 File Merger V1.6 (HKLM-x32\...\Mp3 File Merger_is1) (Version: - Mp5music.com, Inc.)
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation)
OKI Alert Info (HKLM-x32\...\{9427081E-AC7E-49D4-964F-E2E27C7175BF}) (Version: 1.3.3 - Okidata)
OKI Color Correct Utility (HKLM-x32\...\{5D729200-F340-4A74-A1E9-32387CDC63EF}) (Version: 2.17.2 - Okidata)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI Configuration Tool (HKLM-x32\...\{0F55DD09-15EC-4F5D-B517-94852884AEF5}) (Version: 1.6.11 - Okidata)
OKI Device Setting (HKLM-x32\...\{D4E9C626-14A8-4AEB-92F3-BE65EC4CFAEF}) (Version: 1.6.11 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OKI Network Setting (HKLM-x32\...\{099DE9EF-2781-4A72-BD0F-53AAC78A93B2}) (Version: 1.0.5 - Okidata)
OKI PDF Print Direct (HKLM-x32\...\{2CA86624-3491-4B2D-B64E-01D2D25AA732}) (Version: 3.4.8 - Okidata)
OKI Storage Manager (HKLM-x32\...\{C7BCF2EA-4AE1-4AF0-9EAB-2252015C4DF2}) (Version: 1.0.8 - Okidata)
OKI User Setting (HKLM-x32\...\{C8244493-32A4-4275-8145-D16FFE1D8E36}) (Version: 1.4.7 - Okidata)
PhotoFiltre 7 (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\PhotoFiltre 7) (Version: - )
ScannerDriver (HKLM\...\{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SMPlayer 19.10.0 (HKLM-x32\...\SMPlayer) (Version: 19.10.0 - Ricardo Villalba)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\ZoomUMX) (Version: 5.3.2 (53291.1011) - Zoom Video Communications, Inc.)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-20] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-29] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-21] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-13] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13530.20376.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13530.20376.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20376.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20376.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13530.20376.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13530.20376.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-14] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13530.20376.0_x86__8wekyb3d8bbwe [2021-01-19] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-17] (Thumbmunkeys Ltd)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-08-03] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-07-23] (CYBERLINKCOM CORPORATION)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Filip\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDF Print Direct] -> {C15F7681-33D8-11D3-A09B-00500402F30B} => C:\Windows\System32\OkDrtPrn.dll [2012-05-28] (Oki Data Corporation) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxDTCM.dll [2020-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-07] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro

==================== Loaded Modules (Whitelisted) =============

2020-12-09 14:52 - 2020-12-09 14:52 - 000369152 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\f0cdce77ef2696eef7572356d896ec6c\Interop.CxHDAudioAPILib.ni.dll
2020-12-09 14:52 - 2020-12-09 14:52 - 000018944 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\80eef8b6d329da653ea5bc5396eb8cae\Interop.CxUtilSvcLib.ni.dll
2019-09-22 14:58 - 2017-07-05 19:36 - 001168384 _____ (Conexant Systems, Inc.) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2011-08-23 14:33 - 2011-08-23 14:33 - 000163840 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\NCRes.dll
2010-01-22 16:22 - 2010-01-22 16:22 - 000032768 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\OPCOMAPI.dll
2011-08-19 12:15 - 2011-08-19 12:15 - 000188416 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\Scanner Assist.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000265216 ____N (Oki Data Corporation) [File not signed] C:\Windows\System32\OkDrtPrn.dll
2019-10-19 11:12 - 2012-11-06 10:49 - 000167936 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\System32\OPXMN075.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2019-11-16 07:54 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2020-10-29 09:19 - 2020-10-29 09:19 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Filip\Desktop\chomutov_1920x1080.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D340C275-19CC-4A62-8886-9553AA2A48F6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\PPHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{2836F156-0C18-4A64-9297-5B438B1ACFE6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\DrawHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{B6183BC5-DA39-48EB-86C0-848EB1F7C1B6}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{9BC32188-C56A-4B45-A07E-413C5B1277EB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{4D99799E-F9AE-4EA4-9CC6-BDD5B4CB2816}] => (Allow) C:\Users\Filip\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{461C64A2-3DFA-4B5A-A8FD-949B6659CF09}] => (Allow) C:\Users\Filip\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{A1263557-77A7-4CAD-990D-B999E3D5ED98}C:\users\filip\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\filip\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{793EAA04-566C-42A3-88D1-689CFBED263D}C:\users\filip\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\filip\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B253E623-92A7-4F76-87FF-7B7123F1EA41}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9FBCDF70-88BB-4FDA-9AC1-EC24BDE4D893}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9008E8DA-8B0A-4B56-8B50-575C1D3A2893}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20376.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:70.64 GB) (60%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/22/2021 07:08:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ChessProgram16.exe, verze: 16.32.0.0, časové razítko: 0x5f2aafb0
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.18362.1110, časové razítko: 0xb4cacc38
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006dace
ID chybujícího procesu: 0x758
Čas spuštění chybující aplikace: 0x01d6f0e98e175eb4
Cesta k chybující aplikaci: C:\Program Files\ChessBase\ChessProgram16\ChessProgram16.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: e7ba8de0-af9e-46ce-b380-29298c10feb8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/22/2021 06:19:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12220,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/22/2021 06:13:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10220,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/22/2021 05:28:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14440,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/22/2021 05:07:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4568,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/22/2021 04:25:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3372,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/22/2021 03:36:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4452,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/22/2021 03:26:42 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13412,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/22/2021 12:07:17 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-KRDM9FQ3)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/22/2021 12:05:48 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (a8:9c:ed:5f:99:40) se nezdařilo.

Error: (01/22/2021 12:05:02 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (01/22/2021 12:05:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:14:47, ‎22.‎01.‎2021) bylo neočekávané.

Error: (01/21/2021 05:42:12 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD

Error: (01/21/2021 05:42:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:10:51, ‎21.‎01.‎2021) bylo neočekávané.

Error: (01/21/2021 05:36:03 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-KRDM9FQ3)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/21/2021 12:08:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PCMMNB260TX-E0469640.LenovoUtility.


CodeIntegrity:
===================================

Date: 2021-01-22 20:31:42.364
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-01-22 20:30:33.746
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-22 20:30:32.497
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-22 20:30:30.836
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-22 20:30:30.809
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-22 20:30:30.487
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-22 20:30:30.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-22 20:30:30.259
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 6SCN42WW 05/02/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 55%
Total physical RAM: 7613.43 MB
Available physical RAM: 3369.63 MB
Total Virtual: 9533.43 MB
Available Virtual: 4661.02 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:70.66 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:48.81 GB) NTFS

\\?\Volume{06ae05ca-f5ac-44c3-8fcb-05a3b728dc94}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.55 GB) NTFS
\\?\Volume{b1a6e7c9-a952-4104-9474-15cad919f268}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 28A5D9BC)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: F5425621)

Partition: GPT.

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2021
Ran by Filip (administrator) on LAPTOP-KRDM9FQ3 (LENOVO 81AX) (22-01-2021 20:30:37)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\Alps\GlidePoint\Apoint.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\Alps\GlidePoint\ApMsgFwd.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\Alps\GlidePoint\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\Alps\GlidePoint\HidMonitorSvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(Conexant Systems, Inc) [File not signed] [File is in use] C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(ChessBase-Schachprogramme-Schachdatenbank VerlagsgesellschaftmbH -> ChessBase GmbH) C:\Users\Filip\AppData\Local\ChessBase\Updates\GUI16x64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8a8976fda8c58073\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_bff7913eb62bbf90\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Filip\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(mpv) [File not signed] C:\Program Files (x86)\SMPlayer\mpv\mpv.exe
(Oki Data Corporation -> Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
(Oki Data Corporation) [File not signed] C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Ricardo Villalba) [File not signed] C:\Program Files (x86)\SMPlayer\smplayer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [603992 2017-06-23] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation -> Oki Data Corporation)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Filip\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\OPLAPP3: C:\Windows\System32\spool\prtprocs\x64\OPLAPP3.dll [43520 2012-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\Common XP64 Language Monitor: C:\WINDOWS\system32\oklmon64.dll [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\Oki Common XP64 Language Monitor: C:\WINDOWS\system32\OKLMON64.DLL [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\WINDOWS\system32\OKLMON64.DLL [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\OKI XPSDrv Language Monitor 1 x64: C:\WINDOWS\system32\OPXMN075.DLL [167936 2012-11-06] (Oki Data Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.89\Installer\chrmstp.exe [2021-01-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17342D10-31F3-43CB-8CBB-6C5CEE84179F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1CADE521-69D9-44FD-853F-04492EBAF892} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1E8C7B41-BA0A-40AF-8CF3-4CC1133DD9F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {29CCDAFF-B9DB-4C7D-981A-E4F2D0AD5E3D} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225216 2018-02-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
Task: {30DA7828-0F76-413D-9EA5-A450561D8E08} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
Task: {4688A714-0AF1-455E-9128-FF3E6AECC7D4} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {78CA8D6E-9C6A-4C20-8FE0-60C0B109F1A3} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {811D2AD3-F440-4ABD-847B-31E803C53C6A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {A00765E5-4DDF-4252-8551-5C17D47D70F5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {A4B501A3-F5AD-48E5-972D-906BD3277571} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1977872 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {B9DAF583-11A3-482B-AC4B-7F672E41EA2E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1977872 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {E1D1F9AE-E813-4C90-AD6B-FACBA30220BE} - System32\Tasks\RTFTrack => C:\WINDOWS\RTFTrack.exe [5462984 2018-02-06] (Realtek Semiconductor Corp. -> Realtek semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{afd7acdf-4d55-4f72-a87c-54f2f81f77f2}: [DhcpNameServer] 172.168.137.2
Tcpip\..\Interfaces\{dd0745eb-901b-4387-bd5a-174c3f643650}: [DhcpNameServer] 10.255.255.10 10.255.255.20

Edge:
=======
Edge Profile: C:\Users\Filip\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-22]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2021-01-22]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://live-stream365.com; hxxps://livesport24.host; hxxps://tabelaesportiva.com; hxxps://web.skype.com; hxxps://www.instagram.com
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Dokumenty) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Tabulky) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Pomocník GIVT.cz) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2021-01-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\WINDOWS\system32\Alps\GlidePoint\HidMonitorSvc.exe [345384 2020-04-08] (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.89\elevation_service.exe [1195824 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R2 OpLclSrv; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [181760 2012-03-28] (Oki Data Corporation) [File not signed]
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidFiltr.sys [285456 2020-04-08] (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-22 20:30 - 2021-01-22 20:31 - 000020222 ____C C:\Users\Filip\Desktop\FRST.txt
2021-01-22 20:27 - 2021-01-22 20:28 - 002296320 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2021-01-19 23:01 - 2021-01-19 23:01 - 001940408 ____C C:\Users\Filip\Desktop\Záloha_dolepky.cdr
2021-01-19 18:26 - 2021-01-19 18:26 - 002038070 _____ C:\Users\Filip\Downloads\SetupSFotbal.zip
2021-01-19 17:40 - 2021-01-19 17:40 - 001528670 _____ C:\Users\Filip\Desktop\šakal-tisk.pdf
2021-01-14 17:38 - 2021-01-14 17:38 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 17:38 - 2021-01-14 17:38 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 17:38 - 2021-01-14 17:38 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 17:38 - 2021-01-14 17:38 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 17:38 - 2021-01-14 17:38 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 17:38 - 2021-01-14 17:38 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 17:38 - 2021-01-14 17:38 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 17:38 - 2021-01-14 17:38 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 17:38 - 2021-01-14 17:38 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 17:38 - 2021-01-14 17:38 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 17:38 - 2021-01-14 17:38 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 17:38 - 2021-01-14 17:38 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 17:38 - 2021-01-14 17:38 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 17:38 - 2021-01-14 17:38 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 17:38 - 2021-01-14 17:38 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 17:37 - 2021-01-14 17:37 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 17:37 - 2021-01-14 17:37 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 17:37 - 2021-01-14 17:37 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 17:37 - 2021-01-14 17:37 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 17:37 - 2021-01-14 17:37 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 17:37 - 2021-01-14 17:37 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 17:37 - 2021-01-14 17:37 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 17:37 - 2021-01-14 17:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 17:37 - 2021-01-14 17:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 17:37 - 2021-01-14 17:37 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 17:36 - 2021-01-14 17:36 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 17:36 - 2021-01-14 17:36 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 17:36 - 2021-01-14 17:36 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 17:36 - 2021-01-14 17:36 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 17:36 - 2021-01-14 17:36 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 17:36 - 2021-01-14 17:36 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 17:36 - 2021-01-14 17:36 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 17:36 - 2021-01-14 17:36 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 17:36 - 2021-01-14 17:36 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 17:36 - 2021-01-14 17:36 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-07 09:24 - 2021-01-07 17:24 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-07 09:24 - 2021-01-07 09:24 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-29 14:10 - 2020-12-29 14:10 - 000010413 _____ C:\Users\Filip\Desktop\pozvánky.xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-22 20:31 - 2019-03-13 22:18 - 000000000 ____D C:\Users\Filip\.smplayer
2021-01-22 20:30 - 2020-01-18 18:38 - 000000000 ____D C:\FRST
2021-01-22 20:28 - 2019-09-22 14:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-22 20:28 - 2019-09-22 14:51 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-22 20:28 - 2019-09-22 14:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-22 19:09 - 2019-03-18 21:16 - 000000000 ___DC C:\Users\Filip\AppData\Local\CrashDumps
2021-01-22 19:06 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-22 16:57 - 2019-09-22 14:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-22 15:20 - 2019-03-30 13:31 - 000000000 ____D C:\Program Files\CCleaner
2021-01-22 15:20 - 2019-03-14 02:55 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2021-01-22 14:23 - 2019-09-22 14:46 - 000000000 ____D C:\Users\Filip
2021-01-22 12:12 - 2019-09-22 14:54 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-22 12:12 - 2019-03-19 12:55 - 000685252 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-22 12:12 - 2019-03-19 12:55 - 000137918 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-22 12:12 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-22 12:05 - 2019-09-22 14:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-22 12:05 - 2018-11-28 23:12 - 000000000 __HDC C:\Intel
2021-01-21 20:24 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-21 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-21 17:45 - 2019-09-22 14:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-21 17:36 - 2020-02-07 22:51 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-20 08:17 - 2020-10-27 13:47 - 000002379 ____C C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-19 22:33 - 2019-03-18 17:13 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-19 22:26 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-15 06:03 - 2019-03-14 02:55 - 000000000 ___RD C:\Users\Filip\3D Objects
2021-01-15 06:03 - 2018-04-17 20:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-01-15 06:02 - 2019-09-22 14:43 - 000582808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-14 22:38 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 22:38 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-14 22:38 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 22:19 - 2019-03-18 17:17 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-01-14 17:44 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 17:43 - 2019-03-13 22:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 17:41 - 2019-03-13 22:32 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 17:36 - 2019-09-22 14:45 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-10 07:30 - 2019-09-22 14:51 - 000003552 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Task
2021-01-10 07:30 - 2019-09-22 14:51 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3054716200-2897486703-4280449553-1001
2021-01-10 07:30 - 2019-09-22 14:51 - 000002830 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2021-01-10 07:30 - 2019-09-22 14:51 - 000002084 _____ C:\WINDOWS\system32\Tasks\RTFTrack
2021-01-10 07:30 - 2019-09-22 14:51 - 000002076 _____ C:\WINDOWS\system32\Tasks\RtsCM
2021-01-08 13:24 - 2019-03-18 17:15 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-08 01:11 - 2019-04-25 14:33 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-07 13:24 - 2019-03-18 17:15 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-07 09:24 - 2020-10-27 12:26 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-01-07 09:24 - 2020-04-22 23:20 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-01-07 09:24 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-07 09:24 - 2019-03-18 17:15 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-01-07 09:24 - 2019-03-18 17:15 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-27 09:45 - 2019-03-14 02:59 - 000000000 ___DC C:\Users\Filip\AppData\Local\PlaceholderTileLogoFolder

==================== Files in the root of some directories ========

2020-03-05 19:52 - 2020-03-05 19:53 - 022195736 _____ (Piriform Software Ltd) C:\Users\Filip\ccsetup564.exe
2019-12-18 20:17 - 2019-12-18 20:17 - 000852511 _____ (Mp5music.com, Inc. ) C:\Users\Filip\Mp5music_setup.exe
2020-03-23 21:53 - 2020-03-23 21:54 - 070011112 _____ (Skype Technologies S.A.) C:\Users\Filip\Skype-8.58.0.93.exe
2019-11-16 14:32 - 2019-11-16 14:32 - 041645419 _____ () C:\Users\Filip\smplayer-19.10.0-win32.exe
2019-11-14 18:00 - 2019-11-14 18:19 - 000000036 _____ () C:\Users\Filip\AppData\Roaming\opusbext.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivka

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Filis
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 21 čer 2005 11:18

Re: Preventivka

#3 Příspěvek od Filis »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-23-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1968 octets] - [17/01/2020 19:23:09]
AdwCleaner[S01].txt - [2029 octets] - [18/01/2020 19:03:59]
AdwCleaner[C01].txt - [2306 octets] - [18/01/2020 19:04:52]
AdwCleaner[S02].txt - [1650 octets] - [11/03/2020 19:27:35]
AdwCleaner[S03].txt - [1711 octets] - [12/03/2020 20:00:54]
AdwCleaner[C03].txt - [1912 octets] - [12/03/2020 20:01:52]
AdwCleaner[S04].txt - [1772 octets] - [04/04/2020 10:22:01]
AdwCleaner[C04].txt - [1962 octets] - [04/04/2020 10:22:28]
AdwCleaner[S05].txt - [1894 octets] - [16/04/2020 22:15:44]
AdwCleaner[C05].txt - [2084 octets] - [16/04/2020 22:16:06]
AdwCleaner[S06].txt - [2016 octets] - [29/04/2020 09:16:30]
AdwCleaner[C06].txt - [2206 octets] - [29/04/2020 09:17:35]
AdwCleaner[S07].txt - [2138 octets] - [13/05/2020 16:23:13]
AdwCleaner[C07].txt - [2328 octets] - [13/05/2020 16:23:30]
AdwCleaner[S08].txt - [2260 octets] - [28/05/2020 21:12:28]
AdwCleaner[C08].txt - [2450 octets] - [28/05/2020 21:43:58]
AdwCleaner[S09].txt - [2382 octets] - [30/05/2020 21:04:19]
AdwCleaner[C09].txt - [2572 octets] - [30/05/2020 21:04:53]
AdwCleaner[S10].txt - [2504 octets] - [17/06/2020 16:44:05]
AdwCleaner[S11].txt - [2565 octets] - [05/07/2020 00:07:00]
AdwCleaner[C11].txt - [2755 octets] - [05/07/2020 00:07:20]
AdwCleaner[S12].txt - [2687 octets] - [29/09/2020 03:07:06]
AdwCleaner[S13].txt - [2748 octets] - [04/12/2020 14:48:06]
AdwCleaner[C13].txt - [2938 octets] - [04/12/2020 14:49:28]
AdwCleaner[S14].txt - [2870 octets] - [23/01/2021 07:19:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C14].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivka

#4 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =

EmptyTemp:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Filis
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 21 čer 2005 11:18

Re: Preventivka

#5 Příspěvek od Filis »

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-01-2021
Ran by Filip (23-01-2021 07:41:06) Run:3
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 17:37 - 2021-01-14 17:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =

EmptyTemp:

*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\WINDOWS\system32\DrtmAuth9.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth8.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth7.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth6.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth5.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth4.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth3.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth2.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth18.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth17.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth16.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth15.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth12.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth11.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth10.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth1.bin => moved successfully
"HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AB2CDC60-135E-4C2C-B92D-D9C66595695F} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14836640 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 6043525 B
Chrome => 439373165 B
Brave => 0 B
Vivaldi => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Filip => 91467776 B

RecycleBin => 152576 B
EmptyTemp: => 536.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:41:28 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivka

#6 Příspěvek od Diallix »

Je to ok.

Islo len o docistenie, pocitac je inak cisty. Su snim neake problemy?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Filis
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 21 čer 2005 11:18

Re: Preventivka

#7 Příspěvek od Filis »

Ne, jen při Corelu se seká, ale to asi bude spíš nedostatečným výkonem, prostě už na to nemá :)

Filis
Návštěvník
Návštěvník
Příspěvky: 205
Registrován: 21 čer 2005 11:18

Re: Preventivka

#8 Příspěvek od Filis »

Jestli je to tedy vše, tak díky!

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivka

#9 Příspěvek od Diallix »

V pohode, nemate zaco :]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Zamčeno