PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Please check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that stay inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

havranec
Visitor
Posts: 135
Registered: 02 Mar 2008 09:01

Please check

#1 Post by havranec »

Please check my log. Some virus was caught, but even so it somehow doesn't seem right to me.
Thank you

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by User (administrator) on DESKTOP-H92TJ3T (LENOVO F0CM001FCK) (30-01-2021 09:46:08)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Windows 10 Home Version 2004 19041.746 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.23383.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.8.7.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Viber Media S.à r.l. -> Viber Media S.à r.l.) C:\Users\User\AppData\Local\Viber\Viber.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lenovo Silver Silk Wireless Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe [1742336 2013-08-14] (Lenovo) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2478848 2021-01-20] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [eyeBeam SIP Client] => C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe [18550784 2006-05-31] () [File not signed]
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [CCleanerBrowserAutoLaunch_EC8997D804BA665BF9CED445ADD933D6] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2021-01-30] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0469288B-E16E-40F2-A987-E8B5456A2E31} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {07B65ED8-A125-45CE-9BAB-530CCBC9BCF3} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {08E145BE-2049-48B6-8ED6-C58B46206437} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {15BC797C-4487-4EB9-B169-E8AA51E8851A} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
Task: {18D07819-F21A-4787-A008-B9F98B8CFCD3} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {2FC661B9-02D1-46F8-BCEE-5C671659BD18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {426A684A-44E6-497E-B3E0-E4C18EF2E833} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C5EBE63-666A-4E57-8AE5-26E8D94A4731} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {54ABFABC-1ACB-4F18-8B94-281D8B92BB04} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e2233c5f-8a59-4266-80d3-fd6a0af4ff20 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {5DE4F256-C57F-4940-86C9-A7621E5ED063} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {676C4514-4BEB-4D6E-A703-CBB6513FE149} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {6E92901E-3945-44DE-B505-253427F5162A} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
Task: {79A9C1FC-4956-4B78-8F29-05F5002C8E21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-05] (Google Inc -> Google LLC)
Task: {8A569646-4539-4A71-A5FC-1F4D62464B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {9752E5B5-F5F8-47DF-A975-480E42EED1D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A655C4FB-9FFB-4B94-B1BE-F4EA6D84A52D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1496144255-991381806-58249036-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {A7862DE9-D075-40F8-AD61-0DFFB5609C9C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6ee5e4af-ca4d-4d52-b1c1-a4134fe6de01 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B2A2CCD2-CC9B-4B80-A184-4053D254E62A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B41EB5EA-0422-4EC5-B1CA-866284A8CB49} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {BC36B622-2CB0-48CA-866D-803BB502A423} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {C527471E-313A-474B-9EA2-63FBEB5DE3D0} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {CB32A186-6D3D-426B-AB13-05112C61EE0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D44A2308-5154-478E-8D38-27E691003BE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-05] (Google Inc -> Google LLC)
Task: {E2720F1B-0479-4474-8E59-54B4F85A62F3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c9da200d-30e2-469a-9db6-cb939b19fb83 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E6892C7B-09A9-40A1-820A-5FCF610A59C9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a66405bb-75f3-4b2e-a900-058ebfc38998 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E97374FA-1445-4EC8-A9B4-7F9A8F19B7DD} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-18] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {EDBDF908-02EA-49FA-A77A-9FD7F4EAAA54} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {FADB12E7-DD5E-433D-9963-939D0F42B5DE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5c362e89-8288-4ab5-958b-95c3bff238f2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c8a8dfcb-a889-48f8-9307-d49bd92c8e62}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]

FireFox:
========
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-30] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-30] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-01-30]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://metro-sk.os.tc; hxxps://optolov.ru; hxxps://web.whatsapp.com; hxxps://www.banggood.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://xiaomiplanet.sk
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-05]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-05]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-05]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (AVG SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2414264 2017-08-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329184 2017-04-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 09:46 - 2021-01-30 09:46 - 000021834 ____C C:\Users\User\Desktop\FRST.txt
2021-01-30 09:43 - 2021-01-30 09:43 - 002297856 ____C (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-01-30 09:41 - 2021-01-30 09:41 - 000003842 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-01-30 09:41 - 2021-01-30 09:41 - 000003258 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-01-30 09:41 - 2021-01-30 09:41 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-01-30 09:41 - 2021-01-30 09:41 - 000002439 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2021-01-30 09:41 - 2021-01-30 09:41 - 000000000 ____D C:\Users\User\AppData\Local\CCleaner Browser
2021-01-30 09:41 - 2021-01-30 09:41 - 000000000 ____D C:\ProgramData\CCleaner Browser
2021-01-30 09:40 - 2021-01-30 09:41 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-01-30 09:40 - 2021-01-30 09:40 - 000003512 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-01-30 09:40 - 2021-01-30 09:40 - 000003388 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-01-30 09:39 - 2021-01-30 09:39 - 000000000 ___DC C:\Users\User\Desktop\FRST-OlderVersion
2021-01-30 04:09 - 2021-01-30 04:09 - 000205956 ____C C:\Users\User\Downloads\[SkT]Skrys___Shelter_(2010)(CZ)[1080p]_=_CSFD_64%.torrent
2021-01-30 04:09 - 2021-01-30 04:09 - 000011413 ____C C:\Users\User\Downloads\[SkT]Tribal__Get_Out_Alive_(2020)(CZ)[WebRip][1080p].torrent
2021-01-30 04:05 - 2021-01-30 04:05 - 000016314 ____C C:\Users\User\Downloads\[SkT]Kruta_rasa___The_Breed_(2006)_CZ_CSFD_53%_=_CSFD_53%.torrent
2021-01-29 18:09 - 2021-01-29 18:09 - 000070676 ____C C:\Users\User\Downloads\[SkT]Modry_Kod_Sestricky_18._dil_-_VER_MI!_=_CSFD_33%.torrent
2021-01-28 16:27 - 2021-01-28 16:30 - 000719347 ____C C:\Users\User\Downloads\Priloha_c-3-Potvrdenie-o-vykonani-testu (OK.pdf
2021-01-28 16:02 - 2021-01-28 16:02 - 000392992 ____C C:\Users\User\Downloads\Priloha_c-3-Potvrdenie-o-vykonani-testu (2).pdf
2021-01-28 14:19 - 2021-01-28 14:19 - 000015297 ____C C:\Users\User\Downloads\[SkT]Zlo_na_dohled___The_Neighborhood_Watch_(2018)(CZ)_=_CSFD_35%.torrent
2021-01-28 10:04 - 2021-01-28 10:04 - 000018869 ____C C:\Users\User\Downloads\[SkT]Tunnelen___The_Tunnel_(2019)(SK)[1080p]_=_CSFD_59%.torrent
2021-01-28 09:03 - 2021-01-28 09:03 - 000014679 ____C C:\Users\User\Downloads\[SkT]Tunnelen___The_Tunnel_(2019)(SK)_=_CSFD_60%.torrent
2021-01-28 07:36 - 2021-01-28 07:36 - 000249319 ____C C:\Users\User\Desktop\05032018-EXT_IUP_Dohoda.pdf
2021-01-23 16:34 - 2021-01-23 16:34 - 000392992 ____C C:\Users\User\Downloads\Priloha_c-3-Potvrdenie-o-vykonani-testu.pdf
2021-01-23 16:23 - 2021-01-23 16:23 - 000392992 ____C C:\Users\User\Downloads\Priloha_c-3-Potvrdenie-o-vykonani-testu (1).pdf
2021-01-21 04:56 - 2021-01-21 04:56 - 000014761 ____C C:\Users\User\Downloads\[SkT]Sokujici_odhaleni___Bombshell_(2019)(CZ)_=_CSFD_62%.torrent
2021-01-21 04:56 - 2021-01-21 04:56 - 000013494 ____C C:\Users\User\Downloads\[SkT]Dobry_synek___The_Good_Son_(1993)_CZ_=_CSFD_66%.torrent
2021-01-21 04:55 - 2021-01-21 04:55 - 000016527 ____C C:\Users\User\Downloads\[SkT]Mikey_dieta_zlocinu___Mikey_(1992)_CZ_=_CSFD_52%.torrent
2021-01-21 04:54 - 2021-01-21 04:54 - 000012322 ____C C:\Users\User\Downloads\[SkT]__Rytmicka_sekce___The_Rhythm_Section_(2020)(CZ)_=_CSFD_50%.torrent
2021-01-20 04:41 - 2021-01-20 04:41 - 000037898 ____C C:\Users\User\Downloads\[SkT]Zlocin___The_Killing_1._serie_(CZ)[TvRip]_=_CSFD_86%.torrent
2021-01-20 04:40 - 2021-01-20 04:40 - 000353765 ____C C:\Users\User\Downloads\[SkT]Modry_kod_-_1._serie_(CZ)[WebRip]_=_CSFD_13%.torrent
2021-01-20 03:04 - 2021-01-20 03:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6cb9c3c4b9fed
2021-01-17 20:05 - 2021-01-17 20:05 - 000000000 ___DC C:\Users\User\AppData\Local\Viber
2021-01-17 04:32 - 2021-01-17 04:32 - 000015120 ____C C:\Users\User\Downloads\[SkT]Za_carou____Outside_the_Wire_(2021)(CZ)[WebRip]_=_CSFD_53%.torrent
2021-01-17 04:31 - 2021-01-17 04:31 - 000013967 ____C C:\Users\User\Downloads\[SkT]Neznamy___Unknown_(2011)(CZ_EN)[1080p]_=_CSFD_71%.torrent
2021-01-16 18:49 - 2021-01-16 18:49 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-16 18:49 - 2021-01-16 18:49 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-16 18:49 - 2021-01-16 18:49 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-16 18:49 - 2021-01-16 18:49 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-16 18:49 - 2021-01-16 18:49 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-16 18:49 - 2021-01-16 18:49 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-16 18:49 - 2021-01-16 18:49 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-16 18:49 - 2021-01-16 18:49 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-16 18:49 - 2021-01-16 18:49 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-16 18:48 - 2021-01-16 18:48 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-16 18:48 - 2021-01-16 18:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-16 18:48 - 2021-01-16 18:48 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-16 18:48 - 2021-01-16 18:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-16 18:48 - 2021-01-16 18:48 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-16 18:47 - 2021-01-16 18:47 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-16 18:47 - 2021-01-16 18:47 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-16 18:47 - 2021-01-16 18:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-16 18:47 - 2021-01-16 18:47 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-15 04:26 - 2021-01-15 04:26 - 000019000 ____C C:\Users\User\Downloads\[SkT]Mastickar___Znachor_(1981)(SK)[TvRip]_=_CSFD_85%.torrent
2021-01-13 04:14 - 2021-01-13 04:14 - 000126758 ____C C:\Users\User\Downloads\[SkT]Ozark_-_3._serie_(CZ_EN)[WebRip][720p]_=_CSFD_80%.torrent
2021-01-13 04:14 - 2021-01-13 04:14 - 000113623 ____C C:\Users\User\Downloads\[SkT]Ozark_-_2._serie_(CZ_EN)[WebRip][720p]_=_CSFD_80%.torrent
2021-01-13 04:13 - 2021-01-13 04:13 - 000020289 ____C C:\Users\User\Downloads\[SkT]Kong__Ostrov_lebek___Kong__Skull_Island_(2017)(CZ)[1080p]_=_CSFD_66%.torrent
2021-01-11 04:24 - 2021-01-11 04:25 - 000013567 ____C C:\Users\User\Downloads\[SkT]Divoch___Savage_(2019)(CZ)[WebRip].torrent
2021-01-10 05:44 - 2021-01-10 05:44 - 000015741 ____C C:\Users\User\Downloads\[SkT]Zkrat___Haywire_(2011)(CZ)_=_CSFD_55%.torrent
2021-01-07 20:31 - 2021-01-07 20:31 - 000017745 ____C C:\Users\User\Downloads\[SkT]_Operace_Entebbe___7_Days_in_Entebbe_(2018)(CZ)_=_CSFD_65%.torrent
2021-01-07 19:20 - 2021-01-07 19:20 - 000010845 ____C C:\Users\User\Downloads\[SkT]Fukusima___Fukushima_50_(2020)(CZ)[1080p]_=_CSFD_52%.torrent
2021-01-06 06:06 - 2021-01-06 06:06 - 000013989 ____C C:\Users\User\Downloads\[SkT]Spjascije_-_1._serie_(2017)(SK)[720p]_=_CSFD_83%.torrent
2021-01-05 07:37 - 2021-01-05 07:37 - 000012360 ____C C:\Users\User\Downloads\[SkT]Amundsen_(2019)(CZ)[720p]_=_CSFD_64%.torrent
2021-01-04 07:22 - 2021-01-04 07:22 - 000016110 ____C C:\Users\User\Downloads\[SkT]Boure_dusi___Dveselu_putenis_(2019)(CZ)[WebRip][720p]_=_CSFD_74%.torrent
2021-01-04 07:22 - 2021-01-04 07:22 - 000013768 ____C C:\Users\User\Downloads\[SkT]Breitnerovo_komando___Qu'un_sang_impur..._(2019)(CZ)_=_CSFD_70%.torrent
2021-01-02 06:17 - 2021-01-02 06:17 - 000018022 ____C C:\Users\User\Downloads\[SkT]Mesto_carodejnic___Witchville_(2010)(CZ)[1080p]_=_CSFD_32%.torrent
2021-01-02 06:16 - 2021-01-02 06:16 - 000502830 ____C C:\Users\User\Downloads\[SkT]Cliffhanger_(1993)(CZ_EN)[1080p]_=_CSFD_76%.torrent
2021-01-02 06:16 - 2021-01-02 06:16 - 000015527 ____C C:\Users\User\Downloads\[SkT]Novi_mutanti___The_New_Mutants_(2020)(CZ_EN)[1080p]_=_CSFD_52%.torrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 09:46 - 2019-10-07 15:08 - 000000000 ___DC C:\FRST
2021-01-30 09:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 09:40 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 09:40 - 2019-10-08 12:15 - 000000000 ____D C:\Program Files\CCleaner
2021-01-30 09:18 - 2019-05-30 21:04 - 000000000 __RDC C:\Users\User\OneDrive
2021-01-30 09:17 - 2019-05-30 21:02 - 000000000 _SHDC C:\Users\User\IntelGraphicsProfiles
2021-01-30 07:46 - 2019-06-05 10:36 - 000000000 ___DC C:\Users\User\AppData\Roaming\uTorrent
2021-01-30 07:46 - 2019-05-30 20:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-30 03:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 03:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-29 17:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-29 07:12 - 2019-05-30 21:02 - 000000000 ___DC C:\Users\User\AppData\Local\Packages
2021-01-28 16:40 - 2020-06-10 09:27 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-28 10:29 - 2020-12-06 07:56 - 001693346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-28 10:29 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-28 10:29 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-28 10:22 - 2020-12-06 07:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-28 10:22 - 2020-12-06 07:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-28 10:22 - 2020-12-06 07:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-28 10:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-28 08:03 - 2019-06-05 10:20 - 000000000 ___DC C:\Users\User\Documents\ViberDownloads
2021-01-28 04:47 - 2019-06-05 10:06 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-26 08:46 - 2020-11-04 15:09 - 001296896 ____C C:\Users\User\Desktop\Zmena D.xls
2021-01-23 20:08 - 2020-10-01 13:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-23 11:39 - 2019-07-30 04:02 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-20 03:04 - 2020-12-06 07:52 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-18 05:46 - 2019-06-05 10:35 - 000000000 ___DC C:\Users\User\AppData\Roaming\ViberPC
2021-01-16 20:16 - 2020-12-06 07:46 - 000446080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-16 20:15 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-16 20:15 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-16 20:15 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-16 18:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-16 18:47 - 2020-12-06 07:49 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-16 18:39 - 2020-12-06 06:57 - 000000000 __HDC C:\$WinREAgent
2021-01-16 18:37 - 2019-06-05 02:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-16 18:35 - 2019-06-05 02:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 06:46 - 2020-12-06 07:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-13 06:14 - 2019-06-05 10:20 - 000000000 ___DC C:\Users\User\Documents\uživatelske priručky
2021-01-11 05:34 - 2019-06-25 08:44 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2021-01-11 04:24 - 2019-05-30 20:40 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-11 04:23 - 2019-06-05 10:12 - 000000000 ___DC C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-01-11 04:23 - 2019-06-05 10:12 - 000000000 ____D C:\Games
2021-01-10 11:29 - 2019-09-22 16:46 - 000000000 ___DC C:\Users\User\Desktop\ventilator
2021-01-02 07:15 - 2020-02-04 06:49 - 000000000 ____D C:\Users\User\AppData\Roaming\WhatsApp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by User (30-01-2021 09:47:34)
Running from C:\Users\User\Desktop
Windows 10 Home Version 2004 19041.746 (X64) (2020-12-06 06:52:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1496144255-991381806-58249036-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1496144255-991381806-58249036-503 - Limited - Disabled)
Guest (S-1-5-21-1496144255-991381806-58249036-501 - Limited - Disabled)
User (S-1-5-21-1496144255-991381806-58249036-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1496144255-991381806-58249036-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7757 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{AA90D357-23D3-44C1-954D-7105B0C08F38}) (Version: 17.7.0.1006 - Intel Corporation)
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo) Hidden
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\InstallShield_{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.53 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10442 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.29094 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek)
Viber (HKLM-x32\...\{BCFF3282-3299-47F2-95C3-3C0165260EB2}) (Version: 10.3.0.36 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\{8ce90cb2-6f65-4b26-bd5c-e9627995f807}) (Version: 10.3.0.36 - Viber Media S.a.r.l)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Wargaming.net Game Center) (Version: 20.8.0.3331 - Wargaming.net)
WhatsApp (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\WhatsApp) (Version: 2.2037.6 - WhatsApp)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\WOWS.WW.PRODUCTION) (Version: - Wargaming.net)
X-Lite 3.0 (HKLM-x32\...\X-Lite 1.5_is1) (Version: - CounterPath Solutions Inc.)

Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-16] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-02-16] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-22] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-06-05] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-05] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxDTCM.dll [2020-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\nvshext.dll [2020-07-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-11-03 19:48 - 2011-11-03 19:48 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skfunc.dll
2011-10-21 21:41 - 2011-10-21 21:41 - 000061952 _____ (LITE-ON Corp.) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skhooks.dll
2011-11-18 18:07 - 2011-11-18 18:07 - 000054272 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\SKHidKbd.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1496144255-991381806-58249036-1001 -> DefaultScope {6B9095F2-7B4D-414C-B2EC-A97FFE92B29E} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EA977365BF5B2185FA52414E130E9AF9"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B56A6DEE-2D0E-48BD-9924-6669EEC2A7C0}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B91F38EC-1D0F-4B33-99DE-C6B90E80B582}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{2A0F24BE-0417-4B7C-82E0-AEA49A5356A2}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{3EFEAA9B-8E1C-466F-9831-189CE8295854}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6080D66F-0A15-409F-B9A3-D282267C8458}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{517FA03E-29DF-4BDE-95D1-91029A573004}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{FA7DBE6C-B9A9-4798-9DDE-6FC0E4FE169C}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [TCP Query User{0F7A0131-4AEE-48A9-B4AB-F6A23E62E44D}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [UDP Query User{019D165E-A783-4C39-86D3-0A8FD000C4D1}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D4A89DBE-2E5C-4FBE-93ED-9F06AF475218}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{2BD6A9B9-8D01-4CEF-AB53-124D56E1E3BF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{2C37ED61-D308-4FDA-B8E4-DD682B07308D}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D7BB254C-3614-49B3-A3BB-BE7E93812E12}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{9758F37C-1793-44E7-A5B7-D2D28DF780EF}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{CEDD63DE-AE5E-4D08-84FE-3220C65B3BB0}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{64DCF168-9DCF-4125-BDB5-E881E6203267}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{331E87CE-36BC-47C6-9148-6B8C87826BA1}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [UDP Query User{EA4170DF-452A-452C-A8C1-F23E2A456910}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [TCP Query User{44905811-9B97-4AE0-B73F-958796A7B300}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E5EA4172-128A-49AE-BD0F-4CA1CE87067D}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{BC60B747-848A-47CF-B5BF-6089E8D7CFF4}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{CFE743D3-8BF9-4736-B25C-C035E8E17071}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{605ED459-90F6-4154-8240-19D04E9DBEAE}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{10E7DA12-E224-4476-9339-2E684D4ACB4C}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{B5FD79BC-24A9-404E-92B4-6D5F84F01D66}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D64F86EB-4E1A-4B6C-B737-CCFF9B3C67F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57EBDB13-E0EF-452E-82E9-476669C0BBEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFCD82A3-D394-4E0B-8649-83D41C3E7B6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69829AAD-646B-4C5B-A191-9EA4F40F6B7A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BD3D82D8-33BE-4D1C-BDC8-AD9E74870A45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D7384A8-3777-4895-88F3-E398FB0D6B9E}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:117.89 GB) (Free:9.45 GB) (8%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/28/2021 02:35:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.19041.746, časová značka: 0x1baae673
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005d67
Identifikácia chybujúceho procesu: 0x1b74
Čas spustenia chybujúcej aplikácie: 0x01d6f5782a4bcb08
Cesta chybujúcej aplikácie: C:\Users\User\AppData\Roaming\uTorrent\utorrent.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\GDI32.dll
Identifikácia hlásenia: fa0b1cc0-ddbd-4c1e-9433-2edafc368609
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/28/2021 02:17:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.19041.746, časová značka: 0x1baae673
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005d67
Identifikácia chybujúceho procesu: 0x72c
Čas spustenia chybujúcej aplikácie: 0x01d6f577def93bcb
Cesta chybujúcej aplikácie: C:\Users\User\AppData\Roaming\uTorrent\utorrent.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\GDI32.dll
Identifikácia hlásenia: 3f359984-706a-4c19-926d-13e3065d71c8
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/28/2021 10:18:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchApp.exe, verzia: 10.0.19041.546, časová značka: 0xc404ae05
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x1fac
Čas spustenia chybujúcej aplikácie: 0x01d6f54b52f9635c
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: ced00ebf-09c9-484d-9b15-13f2cc3d0732
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (01/28/2021 10:18:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: explorer.exe, verzia: 10.0.19041.746, časová značka: 0xca234864
Názov chybujúceho modulu: windows.immersiveshell.serviceprovider.dll, verzia: 10.0.19041.746, časová značka: 0xf6d18cd8
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000c6cd
Identifikácia chybujúceho procesu: 0x3448
Čas spustenia chybujúcej aplikácie: 0x01d6f55639418bc6
Cesta chybujúcej aplikácie: C:\Windows\explorer.exe
Cesta chybujúceho modulu: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
Identifikácia hlásenia: 77b4a46c-07c6-44e2-986f-6300aad5a9bc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/28/2021 10:18:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 00007FFA57ACC6CD

Error: (01/28/2021 10:17:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.746 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2094

Start Time: 01d6f5288e58775f

Termination Time: 60000

Application Path: C:\Windows\explorer.exe

Report Id: 4b2454f1-dcc3-466f-ad86-4cd161f3970a

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (01/28/2021 10:08:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Video.UI.exe version 10.20112.1011.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4330

Start Time: 01d6f555225f6f12

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe

Report Id: cc820149-1458-4709-8e14-84a94bef7294

Faulting package full name: Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.ZuneVideo

Hang type: Cross-process

Error: (01/28/2021 09:11:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.19041.746, časová značka: 0x1baae673
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005d67
Identifikácia chybujúceho procesu: 0x2a08
Čas spustenia chybujúcej aplikácie: 0x01d6f54c10595159
Cesta chybujúcej aplikácie: C:\Users\User\AppData\Roaming\uTorrent\utorrent.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\GDI32.dll
Identifikácia hlásenia: 52d65666-6a46-4024-a28f-91d183c4986a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (01/30/2021 07:46:45 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H92TJ3T)
Description: The server Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.

Error: (01/30/2021 07:46:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H92TJ3T)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (01/29/2021 06:47:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H92TJ3T)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (01/29/2021 06:47:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H92TJ3T)
Description: The server Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.

Error: (01/28/2021 04:44:18 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-H92TJ3T)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_8adb67 with arguments "Není k dispozici" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (01/28/2021 04:44:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Uživatelská služba pro GameDVR a vysílání her_8adb67 zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (01/28/2021 04:44:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Uživatelská služba pro GameDVR a vysílání her_8adb67 bol dosiahnutý časový limit (30000 ms).

Error: (01/28/2021 04:44:18 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-H92TJ3T)
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_8adb67 with arguments "Není k dispozici" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell


Windows Defender:
===================================
Date: 2021-01-29 16:01:39.1540000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {77B9F45D-EE42-4016-832F-C0217D528A92}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-28 06:09:09.4470000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {6E9C504B-6E77-4739-87BE-7CFF1A07EF4B}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-26 19:14:48.8440000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {EC5F7D3D-7CF2-463C-9E9C-7094163A3B05}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-25 12:03:01.3630000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {0CD9B031-C9F4-40F1-9130-AC38682FD6AE}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-23 08:33:20.6350000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {638653FB-C5B7-4FE6-9A73-12CDF91277B4}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

==================== Memory info ===========================

BIOS: LENOVO O2NKT14A 12/06/2016
Motherboard: LENOVO 0x36BF
Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 61%
Total physical RAM: 8091.23 MB
Available physical RAM: 3114.44 MB
Total Virtual: 15771.23 MB
Available Virtual: 9521.1 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:117.89 GB) (Free:9.45 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:433.01 GB) NTFS

\\?\Volume{4bac9e1f-892f-4d84-8532-a01cb260de31}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{003ce010-b35e-46c2-9700-b79d3c51d944}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: FB131764)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: FB131755)

Partition: GPT.

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a check

#2 Post by Diallix »

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will start; click Zobrazit soubor protokolu (View log file).
The log will open; copy its contents here.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent-malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php).

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

havranec
Visitor
Posts: 135
Registered: 02 Mar 2008 09:01

Re: Requesting a check

#3 Post by havranec »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-30-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\User\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Windows\LENOVO\IMCONTROLLER

*************************

AdwCleaner_Debug.log - [47028 octets] - [08/10/2019 13:07:38]
AdwCleaner[S00].txt - [3772 octets] - [08/10/2019 13:07:58]
AdwCleaner[C00].txt - [2896 octets] - [08/10/2019 13:08:22]
AdwCleaner[S01].txt - [2162 octets] - [08/10/2019 14:51:32]
AdwCleaner[S02].txt - [2223 octets] - [08/10/2019 15:07:15]
AdwCleaner[S03].txt - [2178 octets] - [29/12/2020 16:20:16]
AdwCleaner[C03].txt - [2411 octets] - [29/12/2020 16:21:19]
AdwCleaner[S04].txt - [2153 octets] - [30/01/2021 11:14:42]
AdwCleaner[S05].txt - [2214 octets] - [30/01/2021 11:17:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Requesting a check

#4 Post by Diallix »

Good.

Please post new FRST + ADDITION logs.

havranec
Visitor
Posts: 135
Registered: 02 Mar 2008 09:01

Re: Requesting a check

#5 Post by havranec »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-01-2021
Ran by User (administrator) on DESKTOP-H92TJ3T (LENOVO F0CM001FCK) (30-01-2021 11:26:49)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Windows 10 Home Version 2004 19041.746 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2101.15643.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.23383.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2020-06-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Lenovo Silver Silk Wireless Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe [1742336 2013-08-14] (Lenovo) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2478848 2021-01-20] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [eyeBeam SIP Client] => C:\Program Files (x86)\CounterPath\X-Lite\x-lite.exe [18550784 2006-05-31] () [File not signed]
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Run: [CCleanerBrowserAutoLaunch_EC8997D804BA665BF9CED445ADD933D6] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\Installer\chrmstp.exe [2021-01-30] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-28] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0469288B-E16E-40F2-A987-E8B5456A2E31} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {07B65ED8-A125-45CE-9BAB-530CCBC9BCF3} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {08E145BE-2049-48B6-8ED6-C58B46206437} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {15BC797C-4487-4EB9-B169-E8AA51E8851A} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
Task: {18D07819-F21A-4787-A008-B9F98B8CFCD3} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {2FC661B9-02D1-46F8-BCEE-5C671659BD18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {426A684A-44E6-497E-B3E0-E4C18EF2E833} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C5EBE63-666A-4E57-8AE5-26E8D94A4731} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {54ABFABC-1ACB-4F18-8B94-281D8B92BB04} - \Lenovo\ImController\TimeBasedEvents\e2233c5f-8a59-4266-80d3-fd6a0af4ff20 -> No File <==== ATTENTION
Task: {5DE4F256-C57F-4940-86C9-A7621E5ED063} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {676C4514-4BEB-4D6E-A703-CBB6513FE149} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {6E92901E-3945-44DE-B505-253427F5162A} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
Task: {79A9C1FC-4956-4B78-8F29-05F5002C8E21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-05] (Google Inc -> Google LLC)
Task: {8A569646-4539-4A71-A5FC-1F4D62464B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {9752E5B5-F5F8-47DF-A975-480E42EED1D7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A655C4FB-9FFB-4B94-B1BE-F4EA6D84A52D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1496144255-991381806-58249036-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {A7862DE9-D075-40F8-AD61-0DFFB5609C9C} - \Lenovo\ImController\TimeBasedEvents\6ee5e4af-ca4d-4d52-b1c1-a4134fe6de01 -> No File <==== ATTENTION
Task: {B2A2CCD2-CC9B-4B80-A184-4053D254E62A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B41EB5EA-0422-4EC5-B1CA-866284A8CB49} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {BC36B622-2CB0-48CA-866D-803BB502A423} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {C527471E-313A-474B-9EA2-63FBEB5DE3D0} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {CB32A186-6D3D-426B-AB13-05112C61EE0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D44A2308-5154-478E-8D38-27E691003BE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-05] (Google Inc -> Google LLC)
Task: {E2720F1B-0479-4474-8E59-54B4F85A62F3} - \Lenovo\ImController\TimeBasedEvents\c9da200d-30e2-469a-9db6-cb939b19fb83 -> No File <==== ATTENTION
Task: {E6892C7B-09A9-40A1-820A-5FCF610A59C9} - \Lenovo\ImController\TimeBasedEvents\a66405bb-75f3-4b2e-a900-058ebfc38998 -> No File <==== ATTENTION
Task: {E97374FA-1445-4EC8-A9B4-7F9A8F19B7DD} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2020-09-18] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {EDBDF908-02EA-49FA-A77A-9FD7F4EAAA54} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2138032 2020-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {FADB12E7-DD5E-433D-9963-939D0F42B5DE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5c362e89-8288-4ab5-958b-95c3bff238f2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c8a8dfcb-a889-48f8-9307-d49bd92c8e62}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-30]

FireFox:
========
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-30] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-01-30] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-01-30]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://metro-sk.os.tc; hxxps://optolov.ru; hxxps://web.whatsapp.com; hxxps://www.banggood.com; hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://xiaomiplanet.sk
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-05]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-05]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-05]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-05]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-16]
CHR Extension: (AVG SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\86.1.6938.201\elevation_service.exe [1348304 2020-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-01-30] (Piriform Software Ltd -> Piriform Software)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2414264 2017-08-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329184 2017-04-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 11:09 - 2021-01-30 11:09 - 008457584 ____C (Malwarebytes) C:\Users\User\Desktop\adwcleaner_8.0.9.1.exe
2021-01-30 10:28 - 2021-01-30 10:28 - 000647342 ____C C:\Users\User\Desktop\Potvrdenie-o-vykonani-testu PB.pdf
2021-01-30 09:46 - 2021-01-30 11:27 - 000020678 ____C C:\Users\User\Desktop\FRST.txt
2021-01-30 09:43 - 2021-01-30 09:43 - 002297856 ____C (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-01-30 09:41 - 2021-01-30 09:41 - 000003842 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-01-30 09:41 - 2021-01-30 09:41 - 000003258 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-01-30 09:41 - 2021-01-30 09:41 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-01-30 09:41 - 2021-01-30 09:41 - 000002439 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2021-01-30 09:41 - 2021-01-30 09:41 - 000000000 ____D C:\Users\User\AppData\Local\CCleaner Browser
2021-01-30 09:41 - 2021-01-30 09:41 - 000000000 ____D C:\ProgramData\CCleaner Browser
2021-01-30 09:40 - 2021-01-30 09:41 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-01-30 09:40 - 2021-01-30 09:40 - 000003512 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-01-30 09:40 - 2021-01-30 09:40 - 000003388 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-01-30 09:39 - 2021-01-30 09:39 - 000000000 ___DC C:\Users\User\Desktop\FRST-OlderVersion
2021-01-30 04:09 - 2021-01-30 04:09 - 000205956 ____C C:\Users\User\Downloads\[SkT]Skrys___Shelter_(2010)(CZ)[1080p]_=_CSFD_64%.torrent
2021-01-30 04:09 - 2021-01-30 04:09 - 000011413 ____C C:\Users\User\Downloads\[SkT]Tribal__Get_Out_Alive_(2020)(CZ)[WebRip][1080p].torrent
2021-01-30 04:05 - 2021-01-30 04:05 - 000016314 ____C C:\Users\User\Downloads\[SkT]Kruta_rasa___The_Breed_(2006)_CZ_CSFD_53%_=_CSFD_53%.torrent
2021-01-29 18:09 - 2021-01-29 18:09 - 000070676 ____C C:\Users\User\Downloads\[SkT]Modry_Kod_Sestricky_18._dil_-_VER_MI!_=_CSFD_33%.torrent
2021-01-28 16:02 - 2021-01-28 16:02 - 000392992 ____C C:\Users\User\Downloads\Priloha_c-3-Potvrdenie-o-vykonani-testu (2).pdf
2021-01-28 14:19 - 2021-01-28 14:19 - 000015297 ____C C:\Users\User\Downloads\[SkT]Zlo_na_dohled___The_Neighborhood_Watch_(2018)(CZ)_=_CSFD_35%.torrent
2021-01-28 10:04 - 2021-01-28 10:04 - 000018869 ____C C:\Users\User\Downloads\[SkT]Tunnelen___The_Tunnel_(2019)(SK)[1080p]_=_CSFD_59%.torrent
2021-01-28 09:03 - 2021-01-28 09:03 - 000014679 ____C C:\Users\User\Downloads\[SkT]Tunnelen___The_Tunnel_(2019)(SK)_=_CSFD_60%.torrent
2021-01-28 07:36 - 2021-01-28 07:36 - 000249319 ____C C:\Users\User\Desktop\05032018-EXT_IUP_Dohoda.pdf
2021-01-23 16:34 - 2021-01-23 16:34 - 000392992 ____C C:\Users\User\Downloads\Priloha_c-3-Potvrdenie-o-vykonani-testu.pdf
2021-01-23 16:23 - 2021-01-23 16:23 - 000392992 ____C C:\Users\User\Downloads\Priloha_c-3-Potvrdenie-o-vykonani-testu (1).pdf
2021-01-21 04:56 - 2021-01-21 04:56 - 000014761 ____C C:\Users\User\Downloads\[SkT]Sokujici_odhaleni___Bombshell_(2019)(CZ)_=_CSFD_62%.torrent
2021-01-21 04:56 - 2021-01-21 04:56 - 000013494 ____C C:\Users\User\Downloads\[SkT]Dobry_synek___The_Good_Son_(1993)_CZ_=_CSFD_66%.torrent
2021-01-21 04:55 - 2021-01-21 04:55 - 000016527 ____C C:\Users\User\Downloads\[SkT]Mikey_dieta_zlocinu___Mikey_(1992)_CZ_=_CSFD_52%.torrent
2021-01-21 04:54 - 2021-01-21 04:54 - 000012322 ____C C:\Users\User\Downloads\[SkT]__Rytmicka_sekce___The_Rhythm_Section_(2020)(CZ)_=_CSFD_50%.torrent
2021-01-20 04:41 - 2021-01-20 04:41 - 000037898 ____C C:\Users\User\Downloads\[SkT]Zlocin___The_Killing_1._serie_(CZ)[TvRip]_=_CSFD_86%.torrent
2021-01-20 04:40 - 2021-01-20 04:40 - 000353765 ____C C:\Users\User\Downloads\[SkT]Modry_kod_-_1._serie_(CZ)[WebRip]_=_CSFD_13%.torrent
2021-01-20 03:04 - 2021-01-20 03:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6cb9c3c4b9fed
2021-01-17 20:05 - 2021-01-17 20:05 - 000000000 ___DC C:\Users\User\AppData\Local\Viber
2021-01-17 04:32 - 2021-01-17 04:32 - 000015120 ____C C:\Users\User\Downloads\[SkT]Za_carou____Outside_the_Wire_(2021)(CZ)[WebRip]_=_CSFD_53%.torrent
2021-01-17 04:31 - 2021-01-17 04:31 - 000013967 ____C C:\Users\User\Downloads\[SkT]Neznamy___Unknown_(2011)(CZ_EN)[1080p]_=_CSFD_71%.torrent
2021-01-16 18:49 - 2021-01-16 18:49 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-16 18:49 - 2021-01-16 18:49 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-16 18:49 - 2021-01-16 18:49 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-16 18:49 - 2021-01-16 18:49 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-16 18:49 - 2021-01-16 18:49 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-16 18:49 - 2021-01-16 18:49 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-16 18:49 - 2021-01-16 18:49 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-16 18:49 - 2021-01-16 18:49 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-16 18:49 - 2021-01-16 18:49 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-16 18:49 - 2021-01-16 18:49 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-16 18:48 - 2021-01-16 18:48 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-16 18:48 - 2021-01-16 18:48 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-16 18:48 - 2021-01-16 18:48 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-16 18:48 - 2021-01-16 18:48 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-16 18:48 - 2021-01-16 18:48 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-16 18:48 - 2021-01-16 18:48 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-16 18:48 - 2021-01-16 18:48 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-16 18:47 - 2021-01-16 18:47 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-16 18:47 - 2021-01-16 18:47 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-16 18:47 - 2021-01-16 18:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-16 18:47 - 2021-01-16 18:47 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-16 18:47 - 2021-01-16 18:47 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-15 04:26 - 2021-01-15 04:26 - 000019000 ____C C:\Users\User\Downloads\[SkT]Mastickar___Znachor_(1981)(SK)[TvRip]_=_CSFD_85%.torrent
2021-01-13 04:14 - 2021-01-13 04:14 - 000126758 ____C C:\Users\User\Downloads\[SkT]Ozark_-_3._serie_(CZ_EN)[WebRip][720p]_=_CSFD_80%.torrent
2021-01-13 04:14 - 2021-01-13 04:14 - 000113623 ____C C:\Users\User\Downloads\[SkT]Ozark_-_2._serie_(CZ_EN)[WebRip][720p]_=_CSFD_80%.torrent
2021-01-13 04:13 - 2021-01-13 04:13 - 000020289 ____C C:\Users\User\Downloads\[SkT]Kong__Ostrov_lebek___Kong__Skull_Island_(2017)(CZ)[1080p]_=_CSFD_66%.torrent
2021-01-11 04:24 - 2021-01-11 04:25 - 000013567 ____C C:\Users\User\Downloads\[SkT]Divoch___Savage_(2019)(CZ)[WebRip].torrent
2021-01-10 05:44 - 2021-01-10 05:44 - 000015741 ____C C:\Users\User\Downloads\[SkT]Zkrat___Haywire_(2011)(CZ)_=_CSFD_55%.torrent
2021-01-07 20:31 - 2021-01-07 20:31 - 000017745 ____C C:\Users\User\Downloads\[SkT]_Operace_Entebbe___7_Days_in_Entebbe_(2018)(CZ)_=_CSFD_65%.torrent
2021-01-07 19:20 - 2021-01-07 19:20 - 000010845 ____C C:\Users\User\Downloads\[SkT]Fukusima___Fukushima_50_(2020)(CZ)[1080p]_=_CSFD_52%.torrent
2021-01-06 06:06 - 2021-01-06 06:06 - 000013989 ____C C:\Users\User\Downloads\[SkT]Spjascije_-_1._serie_(2017)(SK)[720p]_=_CSFD_83%.torrent
2021-01-05 07:37 - 2021-01-05 07:37 - 000012360 ____C C:\Users\User\Downloads\[SkT]Amundsen_(2019)(CZ)[720p]_=_CSFD_64%.torrent
2021-01-04 07:22 - 2021-01-04 07:22 - 000016110 ____C C:\Users\User\Downloads\[SkT]Boure_dusi___Dveselu_putenis_(2019)(CZ)[WebRip][720p]_=_CSFD_74%.torrent
2021-01-04 07:22 - 2021-01-04 07:22 - 000013768 ____C C:\Users\User\Downloads\[SkT]Breitnerovo_komando___Qu'un_sang_impur..._(2019)(CZ)_=_CSFD_70%.torrent
2021-01-02 06:17 - 2021-01-02 06:17 - 000018022 ____C C:\Users\User\Downloads\[SkT]Mesto_carodejnic___Witchville_(2010)(CZ)[1080p]_=_CSFD_32%.torrent
2021-01-02 06:16 - 2021-01-02 06:16 - 000502830 ____C C:\Users\User\Downloads\[SkT]Cliffhanger_(1993)(CZ_EN)[1080p]_=_CSFD_76%.torrent
2021-01-02 06:16 - 2021-01-02 06:16 - 000015527 ____C C:\Users\User\Downloads\[SkT]Novi_mutanti___The_New_Mutants_(2020)(CZ_EN)[1080p]_=_CSFD_52%.torrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-30 11:27 - 2019-10-07 15:08 - 000000000 ___DC C:\FRST
2021-01-30 11:23 - 2020-12-06 07:56 - 001693346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-30 11:23 - 2019-12-07 15:41 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-30 11:23 - 2019-12-07 15:41 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-30 11:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-30 11:20 - 2019-10-08 12:15 - 000000000 ____D C:\Program Files\CCleaner
2021-01-30 11:18 - 2020-12-06 07:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-30 11:18 - 2020-12-06 07:46 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-30 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-01-30 11:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-30 11:18 - 2019-05-30 21:04 - 000000000 __RDC C:\Users\User\OneDrive
2021-01-30 11:18 - 2019-05-30 21:02 - 000000000 _SHDC C:\Users\User\IntelGraphicsProfiles
2021-01-30 11:18 - 2019-05-30 20:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-30 11:18 - 2019-05-30 20:40 - 000000000 ____D C:\ProgramData\Lenovo
2021-01-30 11:17 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-30 11:17 - 2019-06-05 08:27 - 000000000 ___DC C:\Users\User\AppData\Local\Lenovo
2021-01-30 07:46 - 2019-06-05 10:36 - 000000000 ___DC C:\Users\User\AppData\Roaming\uTorrent
2021-01-30 03:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-30 03:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-29 17:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-29 07:12 - 2019-05-30 21:02 - 000000000 ___DC C:\Users\User\AppData\Local\Packages
2021-01-28 16:40 - 2020-06-10 09:27 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-28 10:22 - 2020-12-06 07:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-28 08:03 - 2019-06-05 10:20 - 000000000 ___DC C:\Users\User\Documents\ViberDownloads
2021-01-28 04:47 - 2019-06-05 10:06 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-26 08:46 - 2020-11-04 15:09 - 001296896 ____C C:\Users\User\Desktop\Zmena D.xls
2021-01-23 20:08 - 2020-10-01 13:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-23 11:39 - 2019-07-30 04:02 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-01-20 03:04 - 2020-12-06 07:52 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-18 05:46 - 2019-06-05 10:35 - 000000000 ___DC C:\Users\User\AppData\Roaming\ViberPC
2021-01-16 20:16 - 2020-12-06 07:46 - 000446080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-16 20:15 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-16 20:15 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-16 20:15 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-16 18:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-16 18:47 - 2020-12-06 07:49 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-16 18:39 - 2020-12-06 06:57 - 000000000 __HDC C:\$WinREAgent
2021-01-16 18:37 - 2019-06-05 02:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-16 18:35 - 2019-06-05 02:17 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 06:46 - 2020-12-06 07:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-13 06:14 - 2019-06-05 10:20 - 000000000 ___DC C:\Users\User\Documents\uživatelske priručky
2021-01-11 05:34 - 2019-06-25 08:44 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2021-01-11 04:24 - 2019-05-30 20:40 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-11 04:23 - 2019-06-05 10:12 - 000000000 ___DC C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-01-11 04:23 - 2019-06-05 10:12 - 000000000 ____D C:\Games
2021-01-10 11:29 - 2019-09-22 16:46 - 000000000 ___DC C:\Users\User\Desktop\ventilator
2021-01-02 07:15 - 2020-02-04 06:49 - 000000000 ____D C:\Users\User\AppData\Roaming\WhatsApp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by User (30-01-2021 11:28:14)
Running from C:\Users\User\Desktop
Windows 10 Home Version 2004 19041.746 (X64) (2020-12-06 06:52:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1496144255-991381806-58249036-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1496144255-991381806-58249036-503 - Limited - Disabled)
Guest (S-1-5-21-1496144255-991381806-58249036-501 - Limited - Disabled)
User (S-1-5-21-1496144255-991381806-58249036-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-1496144255-991381806-58249036-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 86.1.6938.201 - Piriform Software)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D0D32569-4680-490A-905C-5117CEAAB3EF}) (Version: 0.8.8.76 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7757 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.7.0.1006 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{AA90D357-23D3-44C1-954D-7105B0C08F38}) (Version: 17.7.0.1006 - Intel Corporation)
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo) Hidden
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\InstallShield_{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.53 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10442 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.29094 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.19.627.2017 - Realtek)
Viber (HKLM-x32\...\{BCFF3282-3299-47F2-95C3-3C0165260EB2}) (Version: 10.3.0.36 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\{8ce90cb2-6f65-4b26-bd5c-e9627995f807}) (Version: 10.3.0.36 - Viber Media S.a.r.l)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\Wargaming.net Game Center) (Version: 20.8.0.3331 - Wargaming.net)
WhatsApp (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\WhatsApp) (Version: 2.2037.6 - WhatsApp)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\WOWS.WW.PRODUCTION) (Version: - Wargaming.net)
X-Lite 3.0 (HKLM-x32\...\X-Lite 1.5_is1) (Version: - CounterPath Solutions Inc.)

Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-16] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-02-16] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-22] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-06-05] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-05] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13530.20440.0_x86__8wekyb3d8bbwe [2021-01-28] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-20] (NVIDIA Corp.)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-08-07] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0729a791f23743a3\igfxDTCM.dll [2020-05-29] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvla.inf_amd64_99128128671d22fb\nvshext.dll [2020-07-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-06-05 15:06 - 2005-10-04 15:12 - 000057344 _____ () [File not signed] C:\Program Files (x86)\CounterPath\X-Lite\AEC_PC_DLL.dll
2011-11-03 19:48 - 2011-11-03 19:48 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skfunc.dll
2019-06-05 15:06 - 2006-05-31 15:45 - 001485312 _____ (CounterPath Solutions, Inc.) [File not signed] C:\Program Files (x86)\CounterPath\X-Lite\EYELOOK.DLL
2011-10-21 21:41 - 2011-10-21 21:41 - 000061952 _____ (LITE-ON Corp.) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skhooks.dll
2011-11-18 18:07 - 2011-11-18 18:07 - 000054272 _____ (LITE-ON TECHNOLOGY CORP.) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\SKHidKbd.dll
2019-06-05 15:06 - 2006-01-18 14:22 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CounterPath\X-Lite\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1496144255-991381806-58249036-1001 -> DefaultScope {6B9095F2-7B4D-414C-B2EC-A97FFE92B29E} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1496144255-991381806-58249036-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1496144255-991381806-58249036-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_EA977365BF5B2185FA52414E130E9AF9"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B56A6DEE-2D0E-48BD-9924-6669EEC2A7C0}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B91F38EC-1D0F-4B33-99DE-C6B90E80B582}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{2A0F24BE-0417-4B7C-82E0-AEA49A5356A2}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{3EFEAA9B-8E1C-466F-9831-189CE8295854}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6080D66F-0A15-409F-B9A3-D282267C8458}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{517FA03E-29DF-4BDE-95D1-91029A573004}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{FA7DBE6C-B9A9-4798-9DDE-6FC0E4FE169C}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [TCP Query User{0F7A0131-4AEE-48A9-B4AB-F6A23E62E44D}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [UDP Query User{019D165E-A783-4C39-86D3-0A8FD000C4D1}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D4A89DBE-2E5C-4FBE-93ED-9F06AF475218}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{2BD6A9B9-8D01-4CEF-AB53-124D56E1E3BF}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{2C37ED61-D308-4FDA-B8E4-DD682B07308D}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D7BB254C-3614-49B3-A3BB-BE7E93812E12}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{9758F37C-1793-44E7-A5B7-D2D28DF780EF}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{CEDD63DE-AE5E-4D08-84FE-3220C65B3BB0}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{64DCF168-9DCF-4125-BDB5-E881E6203267}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{331E87CE-36BC-47C6-9148-6B8C87826BA1}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [UDP Query User{EA4170DF-452A-452C-A8C1-F23E2A456910}C:\program files (x86)\counterpath\x-lite\x-lite.exe] => (Allow) C:\program files (x86)\counterpath\x-lite\x-lite.exe () [File not signed]
FirewallRules: [TCP Query User{44905811-9B97-4AE0-B73F-958796A7B300}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E5EA4172-128A-49AE-BD0F-4CA1CE87067D}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{BC60B747-848A-47CF-B5BF-6089E8D7CFF4}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{CFE743D3-8BF9-4736-B25C-C035E8E17071}] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{605ED459-90F6-4154-8240-19D04E9DBEAE}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{10E7DA12-E224-4476-9339-2E684D4ACB4C}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{B5FD79BC-24A9-404E-92B4-6D5F84F01D66}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D64F86EB-4E1A-4B6C-B737-CCFF9B3C67F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57EBDB13-E0EF-452E-82E9-476669C0BBEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFCD82A3-D394-4E0B-8649-83D41C3E7B6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69829AAD-646B-4C5B-A191-9EA4F40F6B7A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BD3D82D8-33BE-4D1C-BDC8-AD9E74870A45}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20440.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3D7384A8-3777-4895-88F3-E398FB0D6B9E}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:117.89 GB) (Free:9.2 GB) (8%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/30/2021 11:17:43 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/28/2021 02:35:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.19041.746, časová značka: 0x1baae673
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005d67
Identifikácia chybujúceho procesu: 0x1b74
Čas spustenia chybujúcej aplikácie: 0x01d6f5782a4bcb08
Cesta chybujúcej aplikácie: C:\Users\User\AppData\Roaming\uTorrent\utorrent.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\GDI32.dll
Identifikácia hlásenia: fa0b1cc0-ddbd-4c1e-9433-2edafc368609
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/28/2021 02:17:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: utorrent.exe, verzia: 2.2.1.25534, časová značka: 0x4e4594ce
Názov chybujúceho modulu: GDI32.dll, verzia: 10.0.19041.746, časová značka: 0x1baae673
Kód výnimky: 0xc000041d
Odstup chyby: 0x00005d67
Identifikácia chybujúceho procesu: 0x72c
Čas spustenia chybujúcej aplikácie: 0x01d6f577def93bcb
Cesta chybujúcej aplikácie: C:\Users\User\AppData\Roaming\uTorrent\utorrent.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\GDI32.dll
Identifikácia hlásenia: 3f359984-706a-4c19-926d-13e3065d71c8
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/28/2021 10:18:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SearchApp.exe, verzia: 10.0.19041.546, časová značka: 0xc404ae05
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x1fac
Čas spustenia chybujúcej aplikácie: 0x01d6f54b52f9635c
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: ced00ebf-09c9-484d-9b15-13f2cc3d0732
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (01/28/2021 10:18:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: explorer.exe, verzia: 10.0.19041.746, časová značka: 0xca234864
Názov chybujúceho modulu: windows.immersiveshell.serviceprovider.dll, verzia: 10.0.19041.746, časová značka: 0xf6d18cd8
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000c6cd
Identifikácia chybujúceho procesu: 0x3448
Čas spustenia chybujúcej aplikácie: 0x01d6f55639418bc6
Cesta chybujúcej aplikácie: C:\Windows\explorer.exe
Cesta chybujúceho modulu: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
Identifikácia hlásenia: 77b4a46c-07c6-44e2-986f-6300aad5a9bc
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/28/2021 10:18:01 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: explorer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 00007FFA57ACC6CD

Error: (01/28/2021 10:17:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.746 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2094

Start Time: 01d6f5288e58775f

Termination Time: 60000

Application Path: C:\Windows\explorer.exe

Report Id: 4b2454f1-dcc3-466f-ad86-4cd161f3970a

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (01/28/2021 10:08:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Video.UI.exe version 10.20112.1011.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4330

Start Time: 01d6f555225f6f12

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe

Report Id: cc820149-1458-4709-8e14-84a94bef7294

Faulting package full name: Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.ZuneVideo

Hang type: Cross-process


System errors:
=============
Error: (01/30/2021 11:17:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2021 11:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2021 11:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX2 API Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2021 11:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2021 11:17:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.

Error: (01/30/2021 11:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (01/30/2021 11:17:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restartovat službu.

Error: (01/30/2021 11:17:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HDCP Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2021-01-29 16:01:39.1540000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {77B9F45D-EE42-4016-832F-C0217D528A92}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-28 06:09:09.4470000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {6E9C504B-6E77-4739-87BE-7CFF1A07EF4B}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-26 19:14:48.8440000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {EC5F7D3D-7CF2-463C-9E9C-7094163A3B05}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-25 12:03:01.3630000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {0CD9B031-C9F4-40F1-9130-AC38682FD6AE}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2021-01-23 08:33:20.6350000Z
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan ID: {638653FB-C5B7-4FE6-9A73-12CDF91277B4}
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

==================== Memory info ===========================

BIOS: LENOVO O2NKT14A 12/06/2016
Motherboard: LENOVO 0x36BF
Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 60%
Total physical RAM: 8091.23 MB
Available physical RAM: 3177.33 MB
Total Virtual: 15771.23 MB
Available Virtual: 10448.37 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:117.89 GB) (Free:9.2 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:433.01 GB) NTFS

\\?\Volume{4bac9e1f-892f-4d84-8532-a01cb260de31}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{003ce010-b35e-46c2-9700-b79d3c51d944}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: FB131764)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: FB131755)

Partition: GPT.

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Request for a check

#6 Post by Diallix »

Copy the content below into Notepad:

Code:

GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {08E145BE-2049-48B6-8ED6-C58B46206437} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {18D07819-F21A-4787-A008-B9F98B8CFCD3} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {54ABFABC-1ACB-4F18-8B94-281D8B92BB04} - \Lenovo\ImController\TimeBasedEvents\e2233c5f-8a59-4266-80d3-fd6a0af4ff20 -> No File <==== ATTENTION
Task: {676C4514-4BEB-4D6E-A703-CBB6513FE149} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {A7862DE9-D075-40F8-AD61-0DFFB5609C9C} - \Lenovo\ImController\TimeBasedEvents\6ee5e4af-ca4d-4d52-b1c1-a4134fe6de01 -> No File <==== ATTENTION
Task: {8A569646-4539-4A71-A5FC-1F4D62464B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D44A2308-5154-478E-8D38-27E691003BE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-05] (Google Inc -> Google LLC)
Task: {E2720F1B-0479-4474-8E59-54B4F85A62F3} - \Lenovo\ImController\TimeBasedEvents\c9da200d-30e2-469a-9db6-cb939b19fb83 -> No File <==== ATTENTION
Task: {E6892C7B-09A9-40A1-820A-5FCF610A59C9} - \Lenovo\ImController\TimeBasedEvents\a66405bb-75f3-4b2e-a900-058ebfc38998 -> No File <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1496144255-991381806-58249036-1001 -> DefaultScope {6B9095F2-7B4D-414C-B2EC-A97FFE92B29E} URL =

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
An operation will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware upload: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor of intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for the training of newcomers
- Founder of the Cyber Security unit

havranec
Visitor
Posts: 135
Registered: 02 Mar 2008 09:01

Re: Request for a check

#7 Post by havranec »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-01-2021
Ran by User (30-01-2021 11:41:40) Run:2
Running from C:\Users\User\Desktop
Loaded Profiles: User
Boot Mode: Normal
==============================================

fixlist content:
*****************
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {08E145BE-2049-48B6-8ED6-C58B46206437} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {18D07819-F21A-4787-A008-B9F98B8CFCD3} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {54ABFABC-1ACB-4F18-8B94-281D8B92BB04} - \Lenovo\ImController\TimeBasedEvents\e2233c5f-8a59-4266-80d3-fd6a0af4ff20 -> No File <==== ATTENTION
Task: {676C4514-4BEB-4D6E-A703-CBB6513FE149} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {A7862DE9-D075-40F8-AD61-0DFFB5609C9C} - \Lenovo\ImController\TimeBasedEvents\6ee5e4af-ca4d-4d52-b1c1-a4134fe6de01 -> No File <==== ATTENTION
Task: {8A569646-4539-4A71-A5FC-1F4D62464B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D44A2308-5154-478E-8D38-27E691003BE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-05] (Google Inc -> Google LLC)
Task: {E2720F1B-0479-4474-8E59-54B4F85A62F3} - \Lenovo\ImController\TimeBasedEvents\c9da200d-30e2-469a-9db6-cb939b19fb83 -> No File <==== ATTENTION
Task: {E6892C7B-09A9-40A1-820A-5FCF610A59C9} - \Lenovo\ImController\TimeBasedEvents\a66405bb-75f3-4b2e-a900-058ebfc38998 -> No File <==== ATTENTION
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1496144255-991381806-58249036-1001 -> DefaultScope {6B9095F2-7B4D-414C-B2EC-A97FFE92B29E} URL =

EmptyTemp:

*****************

C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08E145BE-2049-48B6-8ED6-C58B46206437}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08E145BE-2049-48B6-8ED6-C58B46206437}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18D07819-F21A-4787-A008-B9F98B8CFCD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18D07819-F21A-4787-A008-B9F98B8CFCD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54ABFABC-1ACB-4F18-8B94-281D8B92BB04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54ABFABC-1ACB-4F18-8B94-281D8B92BB04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e2233c5f-8a59-4266-80d3-fd6a0af4ff20" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{676C4514-4BEB-4D6E-A703-CBB6513FE149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{676C4514-4BEB-4D6E-A703-CBB6513FE149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7862DE9-D075-40F8-AD61-0DFFB5609C9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7862DE9-D075-40F8-AD61-0DFFB5609C9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6ee5e4af-ca4d-4d52-b1c1-a4134fe6de01" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A569646-4539-4A71-A5FC-1F4D62464B9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A569646-4539-4A71-A5FC-1F4D62464B9A}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D44A2308-5154-478E-8D38-27E691003BE1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D44A2308-5154-478E-8D38-27E691003BE1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2720F1B-0479-4474-8E59-54B4F85A62F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2720F1B-0479-4474-8E59-54B4F85A62F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\c9da200d-30e2-469a-9db6-cb939b19fb83" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6892C7B-09A9-40A1-820A-5FCF610A59C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6892C7B-09A9-40A1-820A-5FCF610A59C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\a66405bb-75f3-4b2e-a900-058ebfc38998" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1496144255-991381806-58249036-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12696371 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 862984 B
Edge => 18432 B
Chrome => 179538803 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1518 B
User => 33509364 B

RecycleBin => 3348631 B
EmptyTemp: => 229.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:41:58 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Request for a check

#8 Post by Diallix »

All right.

How is the computer doing?

havranec
Visitor
Posts: 135
Joined: 02 Mar 2008 09:01

Re: Please check

#9 Post by havranec »

It's fine, it doesn't act up all the time. Sometimes it gets into a state where it doesn't respond, but right now it's fine. If I may ask ... was there a virus?
Last edited by havranec on 30 Jan 2021 12:07, edited 1 time in total.

havranec
Visitor
Posts: 135
Joined: 02 Mar 2008 09:01

Re: Please check

#10 Post by havranec »

If that's all, thank you very much.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check

#11 Post by Diallix »

Could you take a screenshot in Task Manager showing which application(s) (processes) are loading the system?

havranec
Visitor
Posts: 135
Joined: 02 Mar 2008 09:01

Re: Please check

#12 Post by havranec »

OK. Should I start all the usual programs, or close them and so on?

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check

#13 Post by Diallix »

Leave the computer in its normal state after startup and watch for when it freezes. When it freezes, take a screenshot :)

havranec
Visitor
Posts: 135
Joined: 02 Mar 2008 09:01

Re: Please check

#14 Post by havranec »

Attachments
1.png (143.14 KiB) Viewed 1559 times

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Please check

#15 Post by Diallix »

It's not very legible. Could you please sort it by load? I.e. the processes using the most memory will come first.

Locked