Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Prosím o preventivku

#1 Příspěvek od petatape »

Prosím o kontrolu, zdá se mi, že je to trochu pomalejší..

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by Lenovo (administrator) on DESKTOP-NOA58GF (LENOVO 10EU0022MC) (09-04-2021 11:14:51)
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo
Platform: Windows 10 Pro Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <34>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxEM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7ad571204ec9fcd3\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LENOVO -> ) C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe
(Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (Tim Kosse -> FileZilla Project)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-06-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [4146024 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Uninstall 21.030.0211.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\amd64"
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Uninstall 21.030.0211.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\21.030.0211.0002"
HKLM\...\Windows x64\Print Processors\MIPR64_Q: C:\Windows\System32\spool\prtprocs\x64\MIPR64_Q.DLL [56832 2013-02-25] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Print\Monitors\MLMN64_Q: C:\Windows\system32\MLMN64_Q.DLL [115200 2013-02-25] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F083838-D9A8-4B95-8418-2382754E69ED} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2B206E6C-9C8F-4FF9-8522-8A70F710FB15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {328AF4A7-1645-4F24-9863-950A0115519C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4863C332-5D63-489E-B697-C4A4C9A3F904} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {65F50074-C63E-4CF0-AAA2-10C574CA3A3C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E24764B-E8A1-4370-BD66-3078FDE9E07B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {86D13D96-82BF-4C90-86C4-0ACA7259611A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {90851978-BB28-4C18-9B83-D4AA2BFAE67C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-04-06] (Avast Software s.r.o. -> Avast Software)
Task: {A9C61474-C6A3-45E8-BBE1-5CC6F56BFB8F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
Task: {ADD05CBA-F6E8-4966-88EA-4FCCE2F95899} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
Task: {B03FCF3E-8AFD-4B01-BF6F-9C633BBAC930} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {BAC45717-4088-40C4-A461-64B910D5B6C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {D76EC9B9-7A78-4388-A863-FAF865A688D4} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
Task: {E9DDF7AD-B6E5-4432-9BC2-304882F3B172} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF7A10CE-B0EE-4AC4-BB45-C7EC944B1114} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F95990EE-863A-4367-894D-935FEEADF2FC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cb0048aa-817b-4c7d-a9b0-af203f01f0c8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d05bc245-e639-48a3-b625-0fc4810a0438}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-12]
Edge Extension: (Outlook) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-14]
Edge Extension: (Word) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-14]
Edge Extension: (Excel) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-14]
Edge Extension: (PowerPoint) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-14]

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2021-04-09]
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-05]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-05]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-05]
CHR Extension: (Tabulky) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [136040 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 BtLockerService; C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe [44432 2016-01-22] (LENOVO -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project)
R2 LBAEvent; C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe [27392 2015-06-03] (LENOVO -> Lenovo)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-04-06] (McAfee, LLC -> McAfee, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67032 2019-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [30432 2017-04-29] (Lenovo -> Lenovo)
R3 MpKsl5551a44d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D465F6C-FC23-4E1A-B845-EED4BA58C1DE}\MpKslDrv.sys [90360 2021-03-30] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl934b725f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{997DDAF5-3499-466D-9D87-3EE6F8EA28C8}\MpKslDrv.sys [90360 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-09 11:15 - 2021-04-09 11:15 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64 (3).exe
2021-04-09 11:14 - 2021-04-09 11:15 - 000022726 _____ C:\Users\Lenovo\Downloads\FRST.txt
2021-04-09 11:14 - 2021-04-09 11:15 - 000000000 ____D C:\FRST
2021-04-09 11:14 - 2021-04-09 11:14 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64 (2).exe
2021-04-09 11:14 - 2021-04-09 11:14 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64 (1).exe
2021-04-09 11:13 - 2021-04-09 11:13 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2021-04-09 08:33 - 2021-04-09 08:33 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Topaz Labs LLC
2021-04-08 10:46 - 2021-04-08 10:46 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Topaz Labs LLC
2021-04-08 10:45 - 2021-04-08 10:45 - 000002219 _____ C:\ProgramData\Desktop\Topaz DeNoise AI.lnk
2021-04-08 10:45 - 2021-04-08 10:45 - 000000000 ____D C:\ProgramData\Topaz Labs LLC
2021-04-08 10:45 - 2021-04-08 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz DeNoise AI
2021-04-08 10:45 - 2021-04-08 10:45 - 000000000 ____D C:\Program Files\Topaz Labs LLC
2021-04-08 10:43 - 2021-04-08 10:43 - 000000000 ____D C:\Users\Lenovo\Desktop\odšum
2021-04-07 13:48 - 2021-04-07 13:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2021-04-07 13:08 - 2021-01-25 17:26 - 008809320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw06.sys
2021-04-07 13:08 - 2021-01-25 17:26 - 002635224 _____ C:\WINDOWS\system32\Drivers\Netwfw06.dat
2021-04-07 13:08 - 2021-01-25 17:26 - 001422184 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter06.dll
2021-04-06 16:10 - 2021-04-06 16:10 - 000184726 _____ C:\Users\Lenovo\Desktop\Invoice RE3217.pdf
2021-04-06 14:51 - 2021-04-06 14:51 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-04-06 14:51 - 2021-04-06 14:51 - 000002152 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-04-06 14:51 - 2021-04-06 14:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Avast Software
2021-04-06 14:50 - 2021-04-06 14:50 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-06 14:50 - 2021-04-06 14:50 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-06 14:50 - 2021-04-06 14:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-06 14:50 - 2021-04-06 14:50 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-04-06 14:50 - 2021-04-06 14:50 - 000000000 ____D C:\Program Files\Avast Software
2021-04-06 14:49 - 2021-04-06 16:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\FileZilla
2021-04-06 14:49 - 2021-04-06 14:51 - 000000000 ____D C:\Users\Lenovo\AppData\Local\FileZilla
2021-04-06 14:49 - 2021-04-06 14:51 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\ProgramData\McAfee
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\Program Files\McAfee
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-04-06 14:46 - 2021-04-06 14:46 - 014202144 _____ (Tim Kosse) C:\Users\Lenovo\Downloads\FileZilla_3.53.1_win64_sponsored-setup.exe
2021-04-06 14:16 - 2021-04-06 14:16 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\FileZilla Server
2021-04-06 14:13 - 2021-04-06 14:13 - 000002156 _____ C:\ProgramData\Desktop\FileZilla Server Interface.lnk
2021-04-06 14:13 - 2021-04-06 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2021-04-06 14:13 - 2021-04-06 14:13 - 000000000 ____D C:\Program Files (x86)\FileZilla Server
2021-04-06 14:12 - 2021-04-06 14:12 - 002241216 _____ (FileZilla Project) C:\Users\Lenovo\Downloads\FileZilla_Server-0_9_60_2.exe
2021-03-28 17:54 - 2021-04-02 15:03 - 000000000 ____D C:\Users\Lenovo\Desktop\piknik
2021-03-23 20:36 - 2021-04-07 18:40 - 000030872 _____ C:\Users\Lenovo\Desktop\hory-povídka.txt
2021-03-22 10:46 - 2021-03-22 10:47 - 001156780 _____ C:\WINDOWS\Minidump\032221-9046-01.dmp
2021-03-21 22:42 - 2021-03-21 22:42 - 000975644 _____ C:\WINDOWS\Minidump\032121-17968-01.dmp
2021-03-10 01:41 - 2021-03-10 01:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-10 01:41 - 2021-03-10 01:41 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-10 01:40 - 2021-03-10 01:40 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-10 01:40 - 2021-03-10 01:40 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-10 01:40 - 2021-03-10 01:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-10 01:40 - 2021-03-10 01:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-10 01:40 - 2021-03-10 01:40 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-10 01:40 - 2021-03-10 01:40 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-09 11:16 - 2020-03-07 21:45 - 000000000 ____D C:\ProgramData\Adguard
2021-04-09 11:11 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 11:03 - 2020-07-04 17:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-09 09:31 - 2020-07-04 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-09 08:33 - 2021-01-17 23:01 - 000000000 ____D C:\Users\Lenovo\AppData\Local\cache
2021-04-09 08:33 - 2020-03-07 22:55 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2021-04-08 19:25 - 2020-04-05 11:20 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-04-08 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-08 10:45 - 2020-03-07 20:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-07 13:12 - 2020-07-04 18:03 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-07 13:12 - 2019-12-07 16:43 - 000716890 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-07 13:12 - 2019-12-07 16:43 - 000145068 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-07 13:12 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-07 13:08 - 2020-01-29 18:30 - 000000000 ____D C:\WINDOWS\TempInst
2021-04-07 13:07 - 2020-01-29 18:28 - 000000000 ____D C:\Program Files (x86)\Intel
2021-04-06 18:36 - 2020-07-04 18:05 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625998006-2303437307-2170556659-1003
2021-04-06 18:36 - 2020-07-04 15:56 - 000002413 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-06 18:36 - 2020-03-06 21:04 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2021-04-06 14:50 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-03 13:22 - 2020-06-23 23:14 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-03 13:22 - 2020-06-23 23:14 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-03 13:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-02 06:47 - 2020-04-05 10:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 06:47 - 2020-04-05 10:26 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-30 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-22 10:47 - 2020-12-07 04:32 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-22 10:47 - 2020-03-07 21:45 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-03-22 10:46 - 2020-07-04 18:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-22 10:46 - 2020-07-04 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-22 10:46 - 2020-05-14 00:01 - 785559591 _____ C:\WINDOWS\MEMORY.DMP
2021-03-22 10:46 - 2020-04-16 15:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-22 10:46 - 2020-03-02 19:39 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2021-03-21 22:43 - 2020-07-04 15:56 - 000000000 ____D C:\Users\Lenovo
2021-03-16 10:29 - 2020-01-29 18:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-13 01:44 - 2020-01-29 18:30 - 000000000 ____D C:\ProgramData\Lenovo
2021-03-13 01:42 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-12 14:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 14:06 - 2020-07-04 18:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-03-10 14:06 - 2020-05-20 17:47 - 000001921 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2021-03-10 14:06 - 2020-01-29 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2021-03-10 14:06 - 2020-01-29 18:30 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-03-10 02:06 - 2020-07-04 17:59 - 004963936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-10 02:05 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-10 02:05 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-10 01:32 - 2020-04-05 11:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 01:31 - 2020-04-05 11:09 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2020-03-07 21:45 - 2020-07-04 19:30 - 000000227 _____ () C:\ProgramData\fontcacheev1.dat
2020-04-05 11:30 - 2020-04-05 11:30 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by Lenovo (09-04-2021 11:16:56)
Running from C:\Users\Lenovo\Downloads
Windows 10 Pro Version 2004 19041.867 (X64) (2020-07-04 16:05:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-3625998006-2303437307-2170556659-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3625998006-2303437307-2170556659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3625998006-2303437307-2170556659-503 - Limited - Disabled)
Guest (S-1-5-21-3625998006-2303437307-2170556659-501 - Limited - Disabled)
Lenovo (S-1-5-21-3625998006-2303437307-2170556659-1003 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-3625998006-2303437307-2170556659-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

888poker.de (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\888poker.de) (Version: 1.1.2.33 - 888)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3) (Version: 8.3 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_6) (Version: 20.0.6 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CrystalDiskInfo 6.7.5 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
DxO PhotoLab 2 (HKLM\...\{E9CD9A75-02FC-4921-83A6-F57C892C2250}) (Version: 2.3.2 - DxO)
DxO PhotoLab 3 (HKLM\...\{ED095DD7-92AD-46C3-94D7-F8BFD2105CC4}) (Version: 3.1.0 - DxO)
DxO PhotoLab 3 plug-in for Adobe Lightroom (HKLM-x32\...\{3999E0D5-12DC-4ACC-B07F-62B3DECFB5B2}) (Version: 1.0.50 - DxO Labs)
Excel (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Kuki (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Kuki) (Version: 20151105.000 - SMART Comp. a.s.)
LBAI (HKLM-x32\...\{C5C91B7B-38A6-40B7-84D6-E44885E44B13}_is1) (Version: 1.0.0.9 - Lenovo Group Limited)
Lenovo Bluetooth Lock (HKLM\...\{77A3D1F8-B521-40E6-9A51-E53C2FDBA2A9}_is1) (Version: 2.0.1.0527 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0118 - Lenovo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 2.3.1 - DxO)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerPoint (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
Topaz DeNoise AI (HKLM\...\Topaz DeNoise AI 3.0.3) (Version: 3.0.3 - Topaz Labs LLC)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.582 - McAfee, LLC)
Windows 10 Manager (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Windows 10 Manager 3.2.5) (Version: 3.2.5 - Yamicsoft)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 19.3 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 19.3 - WinTools Software Engineering, Ltd.)
Word (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxDTCM.dll [2017-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2020-03-07 20:21 - 2017-03-14 17:51 - 001714688 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2015-08-18 15:19 - 2015-08-18 15:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-08-18 15:20 - 2015-08-18 15:20 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2017-11-01 22:58 - 2017-11-01 22:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2017-02-06 15:25 - 2017-02-06 15:25 - 001412608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\libeay32.dll
2017-02-06 15:25 - 2017-02-06 15:25 - 000365056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-04-06] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-04-06] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-04-08 11:51 - 2021-04-08 11:51 - 000003495 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F285AE1-A050-49FD-942C-1D40A74D117D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7EA9DB1B-1051-4E4C-A816-D3F6996E63DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E163A9D5-A39E-4CCB-95D5-7A17C3DE8450}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{78F5508F-1C99-4DEA-B689-5DB7C7891E6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{393D21D2-CF1F-43C9-8C73-6E3C524B0736}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{E24C7F9D-191E-4106-8F82-219BD6CD7DD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B5357FC7-7A2D-4471-A429-262F144C4ACC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66A52BA1-23FD-426D-A205-BD46459569C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{192E778E-E66D-43C0-93E9-09AB8AE96558}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{214D19CB-D7B5-4735-A6EB-DD346B07124B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70902657-BF08-4891-8607-F8E8E34CF0D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58039A0D-C2D4-4B67-BFDB-92E2892CE6FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE2548C7-6F5B-42A4-868B-D11E96220A12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FA9E7CF8-CD81-4744-933A-E8CD15CE4BC4}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [{CE76BF83-9AE6-48F3-A4DE-1CF11C520188}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{141D2A64-BBD3-49CE-9906-60D4029A1E71}C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe => No File
FirewallRules: [UDP Query User{2697AAE7-CE99-443F-B47A-0A9783C1F0B1}C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe => No File
FirewallRules: [TCP Query User{49E1B236-D6C6-4604-AC05-900A31AA16D7}C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe => No File
FirewallRules: [UDP Query User{A829636B-5451-4F75-A034-EF8F2CB3AC66}C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe => No File
FirewallRules: [{EC54B018-FA07-439B-86ED-0E8BF336FFAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1075410C-DB95-42F9-84C1-4E0EDBD9E7EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15BC0265-45C6-4088-9932-4C72E5C56325}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7EE1E0B-85CF-497B-BAC9-A27BD7BDC1E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{232ADABF-1CCF-4ACD-8F39-49F7221EA4E5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{9C111E74-2656-4128-9B29-CC9E1BA44F73}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{27780D90-086D-44DC-96CF-77A8FA1FCFCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-03-2021 21:07:44 Naplánovaný kontrolní bod
30-03-2021 18:08:05 Naplánovaný kontrolní bod
07-04-2021 13:07:31 Drivers Installation

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/07/2021 01:48:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xb850de5d
Název chybujícího modulu: combase.dll, verze: 10.0.19041.844, časové razítko: 0x98fb6ff0
Kód výjimky: 0xc0000005
Posun chyby: 0x0010be82
ID chybujícího procesu: 0x3cec
Čas spuštění chybující aplikace: 0x01d72addcb366ee8
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 75842bb0-bf5e-49a9-ad94-77e2633edcae
Úplný název chybujícího balíčku: Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c
ID aplikace související s chybujícím balíčkem: App

Error: (04/05/2021 08:59:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/28/2021 06:53:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/21/2021 07:53:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/10/2021 03:57:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/01/2021 10:33:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/24/2021 06:52:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/17/2021 07:51:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (04/06/2021 02:13:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba FileZilla Server FTP server je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/31/2021 06:37:41 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Následující služba přestala opakovaně odpovídat na požadavky řízení služby: Služba Antivirová ochrana v programu Microsoft Defender

Kontaktujte dodavatele služby nebo správce systému a poraďte se s nimi, zda je vhodné službu vypnout, dokud nebude zjištěna příčina problému.

Před vypnutím služby bude pravděpodobně nutné restartovat počítač v nouzovém režimu.

Error: (03/31/2021 07:32:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 07:30:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 06:46:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 06:44:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 06:42:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/30/2021 10:35:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).


Windows Defender:
================
Date: 2021-04-06 12:06:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2D12543-D6D0-43C1-9F37-540B710FEE4C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-05 11:37:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A009C884-1363-4C68-BEB8-463316553AD3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-04 10:47:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B55FE0AC-E427-48BE-BDA1-2F30FB9E3297}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-03 10:46:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3975D626-EE1B-4D31-9470-94B9FD013231}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-02 10:40:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1453B288-60DC-4DEB-AFFF-7D47EF681FC7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-04-09 11:15:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO LENOVO - 1400 12/25/2019
Motherboard: LENOVO 30BB
Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 72%
Total physical RAM: 8099.58 MB
Available physical RAM: 2213.01 MB
Total Virtual: 20402.45 MB
Available Virtual: 8180.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.94 GB) (Free:100.04 GB) NTFS
Drive d: () (Removable) (Total:7.39 GB) (Free:4.53 GB) FAT32
Drive f: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:282.61 GB) NTFS

\\?\Volume{378c6390-6e10-4618-911f-52c0938791b6}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{d388f1c1-f359-44f9-9ca7-530530751557}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 01DAAFA2)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0CBB1DFF)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o preventivku

#3 Příspěvek od petatape »

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-12-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1978 octets] - [08/03/2021 09:32:06]
AdwCleaner[C00].txt - [1634 octets] - [08/03/2021 09:33:04]
AdwCleaner[S01].txt - [2060 octets] - [12/04/2021 11:11:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#4 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B03FCF3E-8AFD-4B01-BF6F-9C633BBAC930} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {BAC45717-4088-40C4-A461-64B910D5B6C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {EF7A10CE-B0EE-4AC4-BB45-C7EC944B1114} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FirewallRules: [TCP Query User{141D2A64-BBD3-49CE-9906-60D4029A1E71}C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe => No File
FirewallRules: [UDP Query User{2697AAE7-CE99-443F-B47A-0A9783C1F0B1}C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe => No File
FirewallRules: [TCP Query User{49E1B236-D6C6-4604-AC05-900A31AA16D7}C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe => No File
FirewallRules: [UDP Query User{A829636B-5451-4F75-A034-EF8F2CB3AC66}C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe => No File

EmptyTemp:
Hosts:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o preventivku

#5 Příspěvek od petatape »

Provedl jsem, počítač se restartoval, ale bohužel nikde nemohu najít fixlog.txt Co s tím?

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#6 Příspěvek od Diallix »

Dajte sem nove logy FRST +ADDITION, uvidime ci odmazalo.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o preventivku

#7 Příspěvek od Diallix »

Temu zamykam.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Zamčeno