Opened a bad email, possible trojan, slowed-down PC, mess

#1 Post by Vojta631 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2021
Ran by Lenovo (administrator) on LENOVO-PC (LENOVO 6474DR6) (20-01-2021 23:15:07)
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\DTS.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(Avanquest -> Avanquest Software) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <10>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Digital Care Solutions) [File not signed] C:\Program Files\BDServices\BitDefenderCOM.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(LENOVO(JAPAN)LTD. -> Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(MagicISO, Inc.) [File not signed] C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee Security Scan\3.11.2023\SSScheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <8>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382248 2013-06-20] (LENOVO(JAPAN)LTD. -> Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] (Conexant Systems, Inc. -> )
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582400 2010-02-05] (AuthenTec, Inc. -> AuthenTec)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2010-02-05] (AuthenTec, Inc.) [File not signed]
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-03-18] (LENOVO(JAPAN)LTD. -> Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] (Intel Corporation -> )
HKLM\...\Run: [ATUpdatePBA.ltp] => C:\Windows\SysWOW64\ATUpdatePBA.exe [226624 2010-02-05] (AuthenTec, Inc. -> AuthenTec, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PWMTRV] => C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [6002984 2013-06-26] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Run: [AvastBrowserAutoLaunch_62982C4FE3135579906FC954B74E7137] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1984600 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Lenovo\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {32a07e81-ef4a-11e3-bb7e-00216a4da13a} - F:\SETUP.EXE
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {8f09acce-5036-11e8-b63b-0022680f04b7} - E:\LaunchU3.exe -a
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {90c5be8d-8618-11e4-9964-0022680f04b7} - "E:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{2A048C75-1E03-4F9B-BF6F-68E5495CB849}] -> C:\Windows\system32\FpCredProv.dll [2010-02-05] (AuthenTec,Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2011-01-24] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{127EAD1F-6D0E-4E5D-945E-F3BFDF26EE24}] -> C:\Windows\system32\FpCredProv.dll [2010-02-05] (AuthenTec,Inc.) [File not signed]
Lsa: [Notification Packages] scecli ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2013-08-27]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest -> Avanquest Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2020-12-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.2023\SSScheduler.exe (McAfee, LLC -> McAfee, LLC)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2014-06-08]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C07A20-3DA3-422F-823B-C5F01B065402} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {04C07A20-3DA3-422F-823B-C5F01B065402} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {089C40E2-D1B3-436A-AB2C-2D8D7206161A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {0E9EBCD3-1FD3-4FE3-9262-D23AE735BB62} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {0E9EBCD3-1FD3-4FE3-9262-D23AE735BB62} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {11E84232-B2E1-419B-9793-0A8A66449426} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1984600 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {1AFE717C-AD16-4632-8A43-6FB09419AEF9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {1AFE717C-AD16-4632-8A43-6FB09419AEF9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {1C6EDB8A-C6E6-4E6E-8990-E275219CD1A4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1984600 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {20376ED0-5C1F-4975-B860-F61D31FC7BD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-03-03] (Google Inc -> Google LLC)
Task: {20580FEA-2F96-4434-A4D7-0C0C5CD59B7C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {2B75BA1C-F223-40FC-AFAF-BB690E3789D4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1741416 2020-09-23] (Avast Software s.r.o. -> Avast Software)
Task: {2C2CA773-A322-4841-B8CA-D04F872E6FF4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {2C2CA773-A322-4841-B8CA-D04F872E6FF4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {2C2CA773-A322-4841-B8CA-D04F872E6FF4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {52B73353-13E3-40BB-9903-CA38F221947F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {55F23D50-3CF3-4EAF-B5A0-165F8E41FC02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-15] (Adobe Inc. -> Adobe)
Task: {5604F937-D2F8-40D2-B018-95DCCDA2CE34} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [189800 2013-06-26] (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
Task: {59DF5DAA-C23C-45B3-902C-5548981513E1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6A7BDABA-4D3A-426E-A133-01A782262410} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {6ACCF2DC-F72C-4542-BA7B-C6B58847B786} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {7D7E1883-0EED-4EBB-999B-2A6B50D637A8} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [3561768 2013-06-26] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
Task: {85DC7AB7-9252-4B07-A0F4-6AA5518AAD02} - System32\Tasks\{90D2EDF8-A045-4109-877F-D36DB90B548F} => C:\Windows\system32\pcalua.exe -a C:\Users\Lenovo\Downloads\dxwebsetup(1).exe -d C:\Users\Lenovo\Downloads
Task: {907AB35F-1B61-42BB-8B3C-156B27336BD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-03-03] (Google Inc -> Google LLC)
Task: {9F571941-A808-4277-8CDD-2323D4CFB322} - System32\Tasks\avastBCLRestartS-1-5-21-996974305-2072426124-1909489142-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 0
Task: {BF0DEACF-A162-4201-9B6E-A675FADF48AB} - System32\Tasks\PC Health Advisor Update => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [4365304 2016-12-20] (Paretologic Inc -> ParetoLogic) <==== ATTENTION
Task: {BFB5E411-9663-4A98-85F1-C40FD587E492} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-15] (Adobe Inc. -> Adobe)
Task: {C0C63D09-7AAE-4ADF-8F39-0F6F08E1BBCE} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [4365304 2016-12-20] (Paretologic Inc -> ParetoLogic) <==== ATTENTION
Task: {C9801C11-E624-4D70-A002-D3EBF43B0D26} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {E0C863F7-10BC-4F63-8839-784B49BE9ED5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
Task: {E26A009E-8379-48C4-AABD-3525B97B8AF0} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [4365304 2016-12-20] (Paretologic Inc -> ParetoLogic) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor Update.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0F914ECB-EE91-4D22-9D45-DB0BDB6A9AE3}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{BDD5EF83-C111-4617-AB2D-3C664CFC89EC}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{D6E9D5E5-B134-4E60-860B-373E2D2AE95A}: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF DefaultProfile: sez6sx2j.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sez6sx2j.default [2021-01-20]
FF Session Restore: Mozilla\Firefox\Profiles\sez6sx2j.default -> is enabled.
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sez6sx2j.default\Extensions\sp@avast.com.xpi [2020-07-03]
FF SearchPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sez6sx2j.default\searchplugins\google-avast.xml [2015-01-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-15] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-15] (Adobe Inc. -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2021-01-20]
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-21]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-02]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-02]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-15]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-15] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc. -> AuthenTec, Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\elevation_service.exe [1195824 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [File not signed]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo(Japan)Ltd. -> Lenovo.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] () [File not signed]
R2 HsfXAudioService; C:\Windows\SysWOW64\XAudio64.dll [436736 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.2023\McCHSvc.exe [408192 2020-11-23] (McAfee, LLC -> McAfee, LLC)
S3 scan; C:\Program Files\BDServices\scan.dll [627688 2016-12-12] (Bitdefender SRL -> Bitdefender)
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation -> Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-12-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [468888 2021-01-10] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R3 CAXHWAZL; C:\Windows\System32\DRIVERS\CAXHWAZL.sys [292864 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 CnxtHdAudService; C:\Windows\System32\drivers\CHDRT64.sys [649216 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1486848 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
S3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R3 mcdbus; C:\Windows\SysWOW64\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2006-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [6952960 2009-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-12-12] (Bitdefender SRL -> BitDefender S.R.L.)
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [740864 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\XAudio64.sys [10240 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-20 23:15 - 2021-01-20 23:16 - 000029802 _____ C:\Users\Lenovo\Downloads\FRST.txt
2021-01-20 23:13 - 2021-01-20 23:14 - 002295808 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2021-01-20 22:51 - 2021-01-20 23:15 - 000000000 ____D C:\FRST
2021-01-08 10:57 - 2021-01-08 10:57 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-07 20:10 - 2021-01-10 20:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-20 23:12 - 2018-04-09 19:15 - 000000000 ____D C:\Users\Lenovo\AppData\Local\AVAST Software
2021-01-20 22:50 - 2009-07-14 05:45 - 000028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-20 22:50 - 2009-07-14 05:45 - 000028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-20 22:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2021-01-20 22:44 - 2014-04-18 13:56 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-20 22:43 - 2018-01-29 12:49 - 000000000 ____D C:\Program Files\CCleaner
2021-01-20 22:43 - 2016-11-17 10:05 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2021-01-20 22:43 - 2014-04-18 13:58 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-20 22:40 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-20 22:39 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-20 08:08 - 2017-08-15 20:10 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-01-19 21:40 - 2020-12-03 20:46 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2021-01-19 08:18 - 2020-12-11 13:24 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-15 08:42 - 2019-04-29 19:55 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-01-15 08:42 - 2018-04-09 19:17 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-01-15 08:42 - 2018-04-09 19:17 - 000002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-01-15 08:42 - 2018-04-09 19:17 - 000002386 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-01-12 08:36 - 2020-03-03 21:21 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 08:36 - 2020-03-03 21:21 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 08:36 - 2020-03-03 21:21 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-10 20:10 - 2014-04-18 13:59 - 000468888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-01-10 20:06 - 2016-12-25 09:42 - 000000432 _____ C:\Windows\Tasks\PC Health Advisor Update.job
2021-01-10 20:06 - 2016-12-25 09:42 - 000000402 _____ C:\Windows\Tasks\PC Health Advisor Defrag.job
2021-01-10 20:06 - 2016-12-25 09:42 - 000000384 _____ C:\Windows\Tasks\PC Health Advisor.job
2021-01-10 20:06 - 2014-04-18 13:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 12:00 - 2016-12-25 20:34 - 000003142 _____ C:\Windows\system32\Tasks\{90D2EDF8-A045-4109-877F-D36DB90B548F}
2021-01-08 12:00 - 2016-12-25 09:42 - 000003306 _____ C:\Windows\system32\Tasks\PC Health Advisor
2021-01-08 12:00 - 2016-12-25 09:42 - 000003304 _____ C:\Windows\system32\Tasks\PC Health Advisor Update
2021-01-08 12:00 - 2016-12-25 09:42 - 000003278 _____ C:\Windows\system32\Tasks\PC Health Advisor Defrag
2021-01-08 12:00 - 2013-08-27 13:15 - 000002958 _____ C:\Windows\system32\Tasks\PMTask
2021-01-08 12:00 - 2013-08-27 13:06 - 000002982 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2021-01-08 11:59 - 2020-03-03 21:20 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-08 11:59 - 2020-03-03 21:20 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-08 11:59 - 2018-03-13 14:13 - 000004532 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-01-08 11:59 - 2018-01-29 12:49 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-01-08 11:59 - 2014-12-24 14:53 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-01-08 11:59 - 2014-04-18 20:51 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-01-08 11:59 - 2014-04-07 16:05 - 000003540 _____ C:\Windows\system32\Tasks\CreateChoiceProcessTask
2021-01-08 09:50 - 2015-12-04 16:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-01-08 08:18 - 2010-11-21 10:27 - 000668792 _____ C:\Windows\system32\perfh005.dat
2021-01-08 08:18 - 2010-11-21 10:27 - 000141420 _____ C:\Windows\system32\perfc005.dat
2021-01-08 08:18 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-07 20:13 - 2020-12-12 20:07 - 000214808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-01-07 20:13 - 2014-04-18 13:59 - 000324904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-01-12 10:59
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-01-2021
Ran by Lenovo (20-01-2021 23:17:21)
Running from C:\Users\Lenovo\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-27 11:55:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-996974305-2072426124-1909489142-500 - Administrator - Disabled)
Guest (S-1-5-21-996974305-2072426124-1909489142-501 - Limited - Disabled)
Lenovo (S-1-5-21-996974305-2072426124-1909489142-1000 - Administrator - Enabled) => C:\Users\Lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 87.0.7478.88 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balíček ovladače systému Windows - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.27 - AuthenTec, Inc.)
Lenovo Patch Utility (HKLM-x32\...\{C6FB6B4A-1378-4CD3-9CD3-42BA69FCBD43}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.02.0018 - Lenovo)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.2023.1 - McAfee, LLC)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.70.00 - )
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.2.7.0 - ParetoLogic, Inc.)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.55 - )
Railroad Tycoon 2 Platinum (HKLM-x32\...\{0C0A2941-33BC-46B3-98A2-A567C41BCA7E}) (Version: 1.56 - )
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
System Migration Assistant (HKLM-x32\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.01 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-996974305-2072426124-1909489142-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-996974305-2072426124-1909489142-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2013-08-27 13:15 - 2013-06-26 05:55 - 000094208 ____N () [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2013-08-27 13:17 - 2010-01-29 09:28 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\xerces-c_2_7.dll
2013-08-27 13:08 - 2006-09-21 15:11 - 000024576 ____N (BVRP Software) [File not signed] C:\Program Files (x86)\Digital Line Detect\BVRPDIAG.dll
2013-08-27 13:17 - 2010-01-29 11:39 - 000065536 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\cs-CZ\PrivacyIconClient.resources.dll
2013-08-27 13:17 - 2010-01-29 09:21 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\StatusStrings.dll
2003-03-18 20:12 - 2003-03-18 20:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Access Connections\MFC71U.DLL
2003-03-18 19:14 - 2003-03-18 19:14 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Access Connections\MSVCP71.dll
2003-02-21 03:42 - 2003-02-21 03:42 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Access Connections\MSVCR71.dll
2014-08-21 18:43 - 2014-08-21 18:43 - 001656320 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL
2014-08-21 18:43 - 2014-08-21 18:43 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\MSVCP140.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\ucrtbase.DLL
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\VCRUNTIME140.dll
2021-01-20 20:44 - 2021-01-20 20:44 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012008\avast.local_vc142.crt\VCRUNTIME140_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2020-12-03 20:46 - 000000943 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ThinkPad\Bluetooth Software\;C:\Program Files\ThinkPad\Bluetooth Software\syswow64;C:\Program Files (x86)\Lenovo\Access Connections\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{65939335-03D1-4EB6-96F7-6943B683460C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{693E3074-B58B-48B9-8186-1CDCDE202AC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F380F6E3-D8AC-4ADD-80A1-8F84D048FDF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{92A33A5C-A31E-490E-BD94-3D08A8586F62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5F9ECFB4-015C-417D-AEA4-471DCBEDF5FC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C598639-2DF1-46F1-908D-EC0DC80E70CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5EE5D0A6-910B-4CEB-AC4E-80FD6C916FC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{544E6A5A-27DA-4843-BD65-5E323D4149EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{16695477-6869-4145-915C-D4395F1C6FF7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D780B532-73E7-4AD8-B690-7970CD288B5E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
FirewallRules: [{971F11DE-3F1A-4330-B734-F327046556FB}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
FirewallRules: [TCP Query User{08363D4C-C755-4DA6-A7E3-8143552BF4C0}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A9FE8251-AB52-4862-8EA4-554BEBD416B0}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{686290AA-CBA8-4C8C-BE9C-398DFD9DD70B}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1F7C5507-E930-4238-9396-7653891C0D7E}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6295BDE-6C60-4005-918E-94038912B913}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B6861ACB-75A1-4374-934D-EF64CF156157}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
FirewallRules: [{AB958A45-C835-4F68-910B-3A8CE72446D6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe (Lenovo Information Products (Shenzhen) Co.,Ltd -> )
FirewallRules: [{1FD4358D-AF2A-4EAD-B0F2-5BBF38FDD2F1}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/20/2021 11:10:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.23418, časové razítko: 0x570898dc
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.23418, časové razítko: 0x5708a89c
Kód výjimky: 0xc0000002
Posun chyby: 0x000000000001a06d
ID chybujícího procesu: 0x890
Čas spuštění chybující aplikace: 0x01d6ef74c835789a
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID zprávy: 5f7c1be8-5b6c-11eb-b0aa-0022680f04b7

Error: (01/20/2021 10:40:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/20/2021 09:09:08 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (2000) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -551.

Error: (01/20/2021 09:09:08 PM) (Source: ESENT) (EventID: 517) (User: )
Description: taskhost (2000) WebCacheLocal: Obnovení databáze se nezdařilo a došlo k chybě -551, protože byly zjištěny odkazy na databázi C:\Users\Lenovo\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat, která se neshoduje s aktuální sadou protokolů. Databázový stroj nepovolí dokončení obnovení pro tuto instanci, dokud nebude znovu vytvořena instance neshodné databáze. Pokud databáze již skutečně není k dispozici nebo není již nadále požadována, získáte pokyny týkající se odstranění této chyby ve znalostní bázi Microsoft Knowledge Base nebo po klepnutí na odkaz Další informace na konci této zprávy.

Error: (01/20/2021 09:09:08 PM) (Source: ESENT) (EventID: 465) (User: )
Description: taskhost (2000) WebCacheLocal: Při částečném obnovení byl zjištěn poškozený soubor protokolu C:\Users\Lenovo\AppData\Local\Microsoft\Windows\WebCache\V01.log. Záznam s chybou kontrolního součtu je umístěn na pozici END. Data neodpovídající záznamům protokolu se poprvé vyskytla v sektoru 635 (0x0000027B). Soubor je poškozený a nelze jej použít.

Error: (01/20/2021 09:09:08 PM) (Source: ESENT) (EventID: 465) (User: )
Description: taskhost (2000) WebCacheLocal: Při částečném obnovení byl zjištěn poškozený soubor protokolu C:\Users\Lenovo\AppData\Local\Microsoft\Windows\WebCache\V01.log. Záznam s chybou kontrolního součtu je umístěn na pozici END. Data neodpovídající záznamům protokolu se poprvé vyskytla v sektoru 635 (0x0000027B). Soubor je poškozený a nelze jej použít.

Error: (01/20/2021 09:09:08 PM) (Source: ESENT) (EventID: 465) (User: )
Description: taskhost (2000) WebCacheLocal: Při částečném obnovení byl zjištěn poškozený soubor protokolu C:\Users\Lenovo\AppData\Local\Microsoft\Windows\WebCache\V01.log. Záznam s chybou kontrolního součtu je umístěn na pozici END. Data neodpovídající záznamům protokolu se poprvé vyskytla v sektoru 635 (0x0000027B). Soubor je poškozený a nelze jej použít.

Error: (01/20/2021 08:41:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/20/2021 10:20:15 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba Data Transfer Service ohlásila neplatný současný stav 0.

Error: (01/20/2021 10:08:00 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba Data Transfer Service ohlásila neplatný současný stav 0.

Error: (01/19/2021 11:35:24 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba Data Transfer Service ohlásila neplatný současný stav 0.

Error: (01/19/2021 09:59:15 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba Data Transfer Service ohlásila neplatný současný stav 0.

Error: (01/19/2021 12:50:41 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba Data Transfer Service ohlásila neplatný současný stav 0.

Error: (01/19/2021 10:32:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba %1!s! Update (avast) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/19/2021 10:32:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba 30000!s! Update (avast) bylo dosaženo časového limitu (30000 ms).

Error: (01/19/2021 10:28:26 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Služba Data Transfer Service ohlásila neplatný současný stav 0.


Windows Defender:
===================================
Date: 2016-09-21 20:57:42.578
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=223449
Název:SoftwareBundler:Win32/Mizenota
ID:223449
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\Lenovo\Downloads\Jon Henrik Daniels Jojk Full Song!.mp3__4958_il48098.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-08-30 20:08:05.715
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.205.797.0
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.12002.0
Předchozí verze modulu:
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2015-08-30 20:08:05.714
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.12002.0
Předchozí verze modulu:
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2015-08-30 20:02:46.127
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x80070715
Popis chyby:V souboru bitové kopie nelze nalézt zadaný typ prostředku.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-08-30 20:02:39.216
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070003
Popis chyby:Systém nemůže nalézt uvedenou cestu.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2017-08-15 20:49:26.593
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-15 20:49:26.265
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-14 20:38:44.998
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-14 20:38:44.686
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-12 12:47:11.000
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-12 12:47:10.750
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-11 17:20:39.827
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-11 17:20:39.577
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO 7UET71WW (3.01 ) 05/15/2009
Motherboard: LENOVO 6474DR6
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 84%
Total physical RAM: 3992.03 MB
Available physical RAM: 604.46 MB
Total Virtual: 7982.24 MB
Available Virtual: 3770.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:8.64 GB) NTFS

\\?\Volume{10ed1ee2-be3e-11e3-acac-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 5442AB4D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Thanks for the help.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: opened a bad email, possible trojan, slowed-down PC, mess

#2 Post by Diallix »

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click "Zobrazit soubor protokolu" (View Log File).
The log will open; copy its contents here.
My new book BOTNETY is out! Information about it can be found here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++,c#,php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Vojta631
Visitor
Posts: 36
Registered: 13 Dec 2009 22:02

Re: opened a bad email, possible trojan, slowed-down PC, mess

#3 Post by Vojta631 »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-21-2021
# Duration: 00:00:52
# OS: Windows 7 Home Premium
# Scanned: 31956
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [7844 octets] - [21/01/2021 06:53:11]
AdwCleaner[S01].txt - [7905 octets] - [21/01/2021 12:20:15]
AdwCleaner[C01].txt - [7674 octets] - [21/01/2021 12:21:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: opened a bad email, possible trojan, slowed-down PC, mess

#4 Post by Diallix »

Uninstall McAfee.

Copy the content below into Notepad:

CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\ParetoLogic
C:\Windows\system32\Tasks\PC Health Advisor Update
C:\Windows\system32\Tasks\PC Health Advisor Defrag

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {32a07e81-ef4a-11e3-bb7e-00216a4da13a} - F:\SETUP.EXE
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {8f09acce-5036-11e8-b63b-0022680f04b7} - E:\LaunchU3.exe -a
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {90c5be8d-8618-11e4-9964-0022680f04b7} - "E:\WD SmartWare.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {20376ED0-5C1F-4975-B860-F61D31FC7BD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-03-03] (Google Inc -> Google LLC)
Task: {6A7BDABA-4D3A-426E-A133-01A782262410} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {907AB35F-1B61-42BB-8B3C-156B27336BD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-03-03] (Google Inc -> Google LLC)
Task: {BFB5E411-9663-4A98-85F1-C40FD587E492} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-15] (Adobe Inc. -> Adobe)
Task: {C0C63D09-7AAE-4ADF-8F39-0F6F08E1BBCE} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [4365304 2016-12-20] (Paretologic Inc -> ParetoLogic) <==== ATTENTION
Task: {E26A009E-8379-48C4-AABD-3525B97B8AF0} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [4365304 2016-12-20] (Paretologic Inc -> ParetoLogic) <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor Update.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
2021-01-08 12:00 - 2016-12-25 09:42 - 000003306 _____ C:\Windows\system32\Tasks\PC Health Advisor
2021-01-08 12:00 - 2016-12-25 09:42 - 000003304 _____ C:\Windows\system32\Tasks\PC Health Advisor Update
2021-01-08 12:00 - 2016-12-25 09:42 - 000003278 _____ C:\Windows\system32\Tasks\PC Health Advisor Defrag
2021-01-08 11:59 - 2020-03-03 21:20 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-08 11:59 - 2020-03-03 21:20 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-08 11:59 - 2014-12-24 14:53 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-01-08 11:59 - 2014-04-18 20:51 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
CustomCLSID: HKU\S-1-5-21-996974305-2072426124-1909489142-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
2021-01-10 20:06 - 2016-12-25 09:42 - 000000432 _____ C:\Windows\Tasks\PC Health Advisor Update.job
2021-01-10 20:06 - 2016-12-25 09:42 - 000000402 _____ C:\Windows\Tasks\PC Health Advisor Defrag.job
2021-01-10 20:06 - 2016-12-25 09:42 - 000000384 _____ C:\Windows\Tasks\PC Health Advisor.job

EmptyTemp:
Hosts:

Save the Notepad file as fixlist.txt in the location where FRST is.
Run FRST and click the Fix button.
The fix will run, after which the computer will reboot. After the reboot, paste here the contents of the log fixlog.txt saved in the FRST location.

Vojta631
Visitor
Posts: 36
Registered: 13 Dec 2009 22:02

Re: opened a bad email, possible trojan, slowed-down PC, mess

#5 Post by Vojta631 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-01-2021
Ran by Lenovo (21-01-2021 16:45:27) Run:1
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\ParetoLogic
C:\Windows\system32\Tasks\PC Health Advisor Update
C:\Windows\system32\Tasks\PC Health Advisor Defrag

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {32a07e81-ef4a-11e3-bb7e-00216a4da13a} - F:\SETUP.EXE
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {8f09acce-5036-11e8-b63b-0022680f04b7} - E:\LaunchU3.exe -a
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\MountPoints2: {90c5be8d-8618-11e4-9964-0022680f04b7} - "E:\WD SmartWare.exe" autoplay=true
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {20376ED0-5C1F-4975-B860-F61D31FC7BD8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-03-03] (Google Inc -> Google LLC)
Task: {6A7BDABA-4D3A-426E-A133-01A782262410} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {907AB35F-1B61-42BB-8B3C-156B27336BD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-03-03] (Google Inc -> Google LLC)
Task: {BFB5E411-9663-4A98-85F1-C40FD587E492} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-15] (Adobe Inc. -> Adobe)
Task: {C0C63D09-7AAE-4ADF-8F39-0F6F08E1BBCE} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [4365304 2016-12-20] (Paretologic Inc -> ParetoLogic) <==== ATTENTION
Task: {E26A009E-8379-48C4-AABD-3525B97B8AF0} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [4365304 2016-12-20] (Paretologic Inc -> ParetoLogic) <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor Update.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
2021-01-08 12:00 - 2016-12-25 09:42 - 000003306 _____ C:\Windows\system32\Tasks\PC Health Advisor
2021-01-08 12:00 - 2016-12-25 09:42 - 000003304 _____ C:\Windows\system32\Tasks\PC Health Advisor Update
2021-01-08 12:00 - 2016-12-25 09:42 - 000003278 _____ C:\Windows\system32\Tasks\PC Health Advisor Defrag
2021-01-08 11:59 - 2020-03-03 21:20 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-08 11:59 - 2020-03-03 21:20 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-08 11:59 - 2014-12-24 14:53 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-01-08 11:59 - 2014-04-18 20:51 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
CustomCLSID: HKU\S-1-5-21-996974305-2072426124-1909489142-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
2021-01-10 20:06 - 2016-12-25 09:42 - 000000432 _____ C:\Windows\Tasks\PC Health Advisor Update.job
2021-01-10 20:06 - 2016-12-25 09:42 - 000000402 _____ C:\Windows\Tasks\PC Health Advisor Defrag.job
2021-01-10 20:06 - 2016-12-25 09:42 - 000000384 _____ C:\Windows\Tasks\PC Health Advisor.job

EmptyTemp:
Hosts:
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
"C:\Program Files (x86)\ParetoLogic" => not found
"C:\Windows\system32\Tasks\PC Health Advisor Update" => not found
"C:\Windows\system32\Tasks\PC Health Advisor Defrag" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-996974305-2072426124-1909489142-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowCpl" => removed successfully
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{32a07e81-ef4a-11e3-bb7e-00216a4da13a} => removed successfully
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8f09acce-5036-11e8-b63b-0022680f04b7} => removed successfully
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90c5be8d-8618-11e4-9964-0022680f04b7} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{20376ED0-5C1F-4975-B860-F61D31FC7BD8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20376ED0-5C1F-4975-B860-F61D31FC7BD8}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A7BDABA-4D3A-426E-A133-01A782262410}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A7BDABA-4D3A-426E-A133-01A782262410}" => removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{907AB35F-1B61-42BB-8B3C-156B27336BD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{907AB35F-1B61-42BB-8B3C-156B27336BD3}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFB5E411-9663-4A98-85F1-C40FD587E492}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFB5E411-9663-4A98-85F1-C40FD587E492}" => removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0C63D09-7AAE-4ADF-8F39-0F6F08E1BBCE}" => not found
"C:\Windows\System32\Tasks\PC Health Advisor" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Health Advisor" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E26A009E-8379-48C4-AABD-3525B97B8AF0}" => not found
"C:\Windows\System32\Tasks\PC Health Advisor Defrag" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Health Advisor Defrag" => not found
"C:\Windows\Tasks\PC Health Advisor Defrag.job" => not found
"C:\Windows\Tasks\PC Health Advisor Update.job" => not found
"C:\Windows\Tasks\PC Health Advisor.job" => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"C:\Windows\system32\Tasks\PC Health Advisor" => not found
"C:\Windows\system32\Tasks\PC Health Advisor Update" => not found
"C:\Windows\system32\Tasks\PC Health Advisor Defrag" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Windows\system32\Tasks\Adobe Acrobat Update Task" => not found
C:\Windows\system32\Tasks\Adobe Flash Player Updater => moved successfully
HKU\S-1-5-21-996974305-2072426124-1909489142-1000_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
"BVTConsumer" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"C:\Windows\Tasks\PC Health Advisor Update.job" => not found
"C:\Windows\Tasks\PC Health Advisor Defrag.job" => not found
"C:\Windows\Tasks\PC Health Advisor.job" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11674869 B
Java, Flash, Steam htmlcache => 1336 B
Windows/system/drivers => 3791 B
Edge => 0 B
Chrome => 139264 B
Brave => 0 B
Firefox => 90720545 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 2170 B
Public => 2170 B
ProgramData => 2170 B
systemprofile => 68526 B
systemprofile32 => 3973451 B
LocalService => 3973451 B
NetworkService => 3973451 B
Lenovo => 7711574 B

RecycleBin => 0 B
EmptyTemp: => 124.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:45:39 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: opened a bad email, possible trojan, slowed-down PC, mess

#6 Post by Diallix »

Please post new FRST + Addition logs.

Vojta631
Visitor
Posts: 36
Registered: 13 Dec 2009 22:02

Re: opened a bad email, possible trojan, slowed-down PC, mess

#7 Post by Vojta631 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2021
Ran by Lenovo (administrator) on LENOVO-PC (LENOVO 6474DR6) (21-01-2021 16:55:46)
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\DTS.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Windows\System32\ATService.exe
(Avanquest -> Avanquest Software) C:\Program Files (x86)\Digital Line Detect\DLG.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Digital Care Solutions) [File not signed] C:\Program Files\BDServices\BitDefenderCOM.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(LENOVO(JAPAN)LTD. -> Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(MagicISO, Inc.) [File not signed] C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382248 2013-06-20] (LENOVO(JAPAN)LTD. -> Lenovo.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] (Conexant Systems, Inc. -> )
HKLM\...\Run: [FingerPrintSoftware] => C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [1582400 2010-02-05] (AuthenTec, Inc. -> AuthenTec)
HKLM\...\Run: [FingerPrintSoftwareSplashScreen] => C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe [107520 2010-02-05] (AuthenTec, Inc.) [File not signed]
HKLM\...\Run: [picon] => C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] (Intel Corporation -> )
HKLM\...\Run: [ATUpdatePBA.ltp] => C:\Windows\SysWOW64\ATUpdatePBA.exe [226624 2010-02-05] (AuthenTec, Inc. -> AuthenTec, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PWMTRV] => C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL [6002984 2013-06-26] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Run: [AvastBrowserAutoLaunch_62982C4FE3135579906FC954B74E7137] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1984600 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Lenovo\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{2A048C75-1E03-4F9B-BF6F-68E5495CB849}] -> C:\Windows\system32\FpCredProv.dll [2010-02-05] (AuthenTec,Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2011-01-24] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{127EAD1F-6D0E-4E5D-945E-F3BFDF26EE24}] -> C:\Windows\system32\FpCredProv.dll [2010-02-05] (AuthenTec,Inc.) [File not signed]
Lsa: [Notification Packages] scecli ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-08-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2013-08-27]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest -> Avanquest Software)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2014-06-08]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04C07A20-3DA3-422F-823B-C5F01B065402} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {04C07A20-3DA3-422F-823B-C5F01B065402} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {089C40E2-D1B3-436A-AB2C-2D8D7206161A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {11E84232-B2E1-419B-9793-0A8A66449426} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1984600 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {1AFE717C-AD16-4632-8A43-6FB09419AEF9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {1AFE717C-AD16-4632-8A43-6FB09419AEF9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {1C6EDB8A-C6E6-4E6E-8990-E275219CD1A4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1984600 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {20580FEA-2F96-4434-A4D7-0C0C5CD59B7C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {2B75BA1C-F223-40FC-AFAF-BB690E3789D4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1741416 2020-09-23] (Avast Software s.r.o. -> Avast Software)
Task: {52B73353-13E3-40BB-9903-CA38F221947F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {55F23D50-3CF3-4EAF-B5A0-165F8E41FC02} - \Adobe Flash Player Updater -> No File <==== ATTENTION
Task: {5604F937-D2F8-40D2-B018-95DCCDA2CE34} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe
Task: {59DF5DAA-C23C-45B3-902C-5548981513E1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {64A78A7D-865F-458A-A827-D5884B904F1F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {64A78A7D-865F-458A-A827-D5884B904F1F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {6ACCF2DC-F72C-4542-BA7B-C6B58847B786} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {85DC7AB7-9252-4B07-A0F4-6AA5518AAD02} - System32\Tasks\{90D2EDF8-A045-4109-877F-D36DB90B548F} => C:\Windows\system32\pcalua.exe -a C:\Users\Lenovo\Downloads\dxwebsetup(1).exe -d C:\Users\Lenovo\Downloads
Task: {8B1181D3-152C-4DEB-8FAC-4E668BDCF3AE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {8B1181D3-152C-4DEB-8FAC-4E668BDCF3AE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {8B1181D3-152C-4DEB-8FAC-4E668BDCF3AE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {9F571941-A808-4277-8CDD-2323D4CFB322} - System32\Tasks\avastBCLRestartS-1-5-21-996974305-2072426124-1909489142-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 0
Task: {C9801C11-E624-4D70-A002-D3EBF43B0D26} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {E0C863F7-10BC-4F63-8839-784B49BE9ED5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-12] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0F914ECB-EE91-4D22-9D45-DB0BDB6A9AE3}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{BDD5EF83-C111-4617-AB2D-3C664CFC89EC}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{D6E9D5E5-B134-4E60-860B-373E2D2AE95A}: [DhcpNameServer] 213.46.172.36 213.46.172.37

FireFox:
========
FF DefaultProfile: sez6sx2j.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sez6sx2j.default [2021-01-21]
FF Session Restore: Mozilla\Firefox\Profiles\sez6sx2j.default -> is enabled.
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sez6sx2j.default\Extensions\sp@avast.com.xpi [2020-07-03]
FF SearchPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sez6sx2j.default\searchplugins\google-avast.xml [2015-01-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-15] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-15] (Adobe Inc. -> )
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2021-01-21]
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-21]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-02]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-02]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-15]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-15] (Adobe Inc. -> Adobe)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc. -> AuthenTec, Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\elevation_service.exe [1195824 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 BitDefenderCOM; C:\Program Files\BDServices\BitDefenderCom.exe [1028096 2016-12-12] (Digital Care Solutions) [File not signed]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-06-26] (Lenovo(Japan)Ltd. -> Lenovo.)
R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] () [File not signed]
R2 HsfXAudioService; C:\Windows\SysWOW64\XAudio64.dll [436736 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation -> Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
S2 AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [X]
S2 AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [X]
S2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [X]
S2 LENOVO.MICMUTE; "C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe" [X]
S2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
S2 TPHKLOAD; "C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe" [X]
S2 TPHKSVC; "C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [36792 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208672 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [332880 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [247888 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [97360 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42424 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [176384 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522480 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-12-12] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [108928 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84496 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851256 2020-12-12] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [468888 2021-01-10] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R3 CAXHWAZL; C:\Windows\System32\DRIVERS\CAXHWAZL.sys [292864 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 CnxtHdAudService; C:\Windows\System32\drivers\CHDRT64.sys [649216 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems Inc.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\CAX_DPV.sys [1486848 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
S3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo)
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R3 mcdbus; C:\Windows\SysWOW64\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [17024 2006-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [6952960 2009-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [485512 2016-12-12] (Bitdefender SRL -> BitDefender S.R.L.)
R3 winachsf; C:\Windows\System32\DRIVERS\CAX_CNXT.sys [740864 2009-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\XAudio64.sys [10240 2009-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-21 16:45 - 2021-01-21 16:45 - 000011570 _____ C:\Users\Lenovo\Downloads\Fixlog.txt
2021-01-21 12:17 - 2021-01-21 12:18 - 008457584 _____ (Malwarebytes) C:\Users\Lenovo\Downloads\adwcleaner_8.0.9.1.exe
2021-01-21 06:52 - 2021-01-21 12:21 - 000000000 ____D C:\AdwCleaner
2021-01-20 23:17 - 2021-01-20 23:19 - 000035125 _____ C:\Users\Lenovo\Downloads\Addition.txt
2021-01-20 23:15 - 2021-01-21 16:57 - 000025374 _____ C:\Users\Lenovo\Downloads\FRST.txt
2021-01-20 23:13 - 2021-01-20 23:14 - 002295808 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2021-01-20 22:51 - 2021-01-21 16:56 - 000000000 ____D C:\FRST
2021-01-08 10:57 - 2021-01-08 10:57 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-07 20:10 - 2021-01-10 20:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-21 16:57 - 2009-07-14 05:45 - 000028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-21 16:57 - 2009-07-14 05:45 - 000028528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-21 16:51 - 2018-01-29 12:49 - 000000000 ____D C:\Program Files\CCleaner
2021-01-21 16:46 - 2014-04-18 13:58 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-21 16:46 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-21 16:45 - 2014-05-31 11:10 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Temp
2021-01-21 16:44 - 2016-11-17 10:05 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2021-01-21 16:37 - 2014-04-18 13:56 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-21 16:29 - 2014-04-18 20:51 - 000000000 ____D C:\ProgramData\McAfee
2021-01-21 12:55 - 2018-04-09 19:15 - 000000000 ____D C:\Users\Lenovo\AppData\Local\AVAST Software
2021-01-21 12:21 - 2013-08-27 13:14 - 000000000 ____D C:\Users\Public\Lenovo
2021-01-21 12:21 - 2013-08-27 13:13 - 000000000 ____D C:\Program Files\Lenovo
2021-01-21 12:21 - 2013-08-27 12:59 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-01-21 12:05 - 2020-12-11 13:24 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-21 12:05 - 2018-01-29 12:49 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-01-21 12:05 - 2016-12-25 20:34 - 000003142 _____ C:\Windows\system32\Tasks\{90D2EDF8-A045-4109-877F-D36DB90B548F}
2021-01-21 12:05 - 2014-04-07 16:05 - 000003540 _____ C:\Windows\system32\Tasks\CreateChoiceProcessTask
2021-01-21 12:05 - 2013-08-27 13:06 - 000002982 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2021-01-21 10:18 - 2015-12-04 16:47 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2021-01-20 22:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2021-01-20 22:40 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-20 08:08 - 2017-08-15 20:10 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-01-15 08:42 - 2019-04-29 19:55 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-01-15 08:42 - 2018-04-09 19:17 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-01-15 08:42 - 2018-04-09 19:17 - 000002386 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-01-15 08:42 - 2018-04-09 19:17 - 000002386 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-01-12 08:36 - 2020-03-03 21:21 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 08:36 - 2020-03-03 21:21 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 08:36 - 2020-03-03 21:21 - 000002183 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-10 20:10 - 2014-04-18 13:59 - 000468888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-01-10 20:06 - 2014-04-18 13:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 08:18 - 2010-11-21 10:27 - 000668792 _____ C:\Windows\system32\perfh005.dat
2021-01-08 08:18 - 2010-11-21 10:27 - 000141420 _____ C:\Windows\system32\perfc005.dat
2021-01-08 08:18 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-07 20:13 - 2020-12-12 20:07 - 000214808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-01-07 20:13 - 2014-04-18 13:59 - 000324904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-01-12 10:59
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-01-2021
Ran by Lenovo (21-01-2021 16:57:52)
Running from C:\Users\Lenovo\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-08-27 11:55:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-996974305-2072426124-1909489142-500 - Administrator - Disabled)
Guest (S-1-5-21-996974305-2072426124-1909489142-501 - Limited - Disabled)
Lenovo (S-1-5-21-996974305-2072426124-1909489142-1000 - Administrator - Enabled) => C:\Users\Lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 87.0.7478.88 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balíček ovladače systému Windows - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)
Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.1 - Intel)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.27 - AuthenTec, Inc.)
Lenovo Patch Utility (HKLM-x32\...\{C6FB6B4A-1378-4CD3-9CD3-42BA69FCBD43}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-996974305-2072426124-1909489142-1000\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 84.0.2.7675 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Railroad Tycoon 2 Platinum (HKLM-x32\...\{0C0A2941-33BC-46B3-98A2-A567C41BCA7E}) (Version: 1.56 - )
RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
System Migration Assistant (HKLM-x32\...\{8A4DB1CA-8206-4ADC-805C-66ACF1611DA3}) (Version: 6.00.0009 - Lenovo Group Limited.)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.26 - Lenovo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-996974305-2072426124-1909489142-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-10-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-12] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]

==================== Loaded Modules (Whitelisted) =============

2013-08-27 13:15 - 2013-06-26 05:55 - 000094208 ____N () [File not signed] C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2013-08-27 13:17 - 2010-01-29 09:28 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\xerces-c_2_7.dll
2013-08-27 13:08 - 2006-09-21 15:11 - 000024576 ____N (BVRP Software) [File not signed] C:\Program Files (x86)\Digital Line Detect\BVRPDIAG.dll
2013-08-27 13:17 - 2010-01-29 11:39 - 000065536 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\cs-CZ\PrivacyIconClient.resources.dll
2013-08-27 13:17 - 2010-01-29 09:21 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\StatusStrings.dll
2014-08-21 18:43 - 2014-08-21 18:43 - 001656320 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL
2014-08-21 18:43 - 2014-08-21 18:43 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\MSVCP140.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\ucrtbase.DLL
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\VCRUNTIME140.dll
2021-01-21 12:11 - 2021-01-21 12:11 - 000000000 ____L (Microsoft Corporation) C:\Program Files\AVAST Software\Avast\defs\21012100\avast.local_vc142.crt\VCRUNTIME140_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Software Sarl -> Skype Technologies)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2021-01-21 16:45 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ThinkPad\Bluetooth Software\;C:\Program Files\ThinkPad\Bluetooth Software\syswow64;C:\Program Files (x86)\Lenovo\Access Connections\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-996974305-2072426124-1909489142-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{65939335-03D1-4EB6-96F7-6943B683460C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{693E3074-B58B-48B9-8186-1CDCDE202AC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F380F6E3-D8AC-4ADD-80A1-8F84D048FDF4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{92A33A5C-A31E-490E-BD94-3D08A8586F62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{5F9ECFB4-015C-417D-AEA4-471DCBEDF5FC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C598639-2DF1-46F1-908D-EC0DC80E70CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5EE5D0A6-910B-4CEB-AC4E-80FD6C916FC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{544E6A5A-27DA-4843-BD65-5E323D4149EB}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{16695477-6869-4145-915C-D4395F1C6FF7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D780B532-73E7-4AD8-B690-7970CD288B5E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{971F11DE-3F1A-4330-B734-F327046556FB}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [TCP Query User{08363D4C-C755-4DA6-A7E3-8143552BF4C0}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A9FE8251-AB52-4862-8EA4-554BEBD416B0}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{686290AA-CBA8-4C8C-BE9C-398DFD9DD70B}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1F7C5507-E930-4238-9396-7653891C0D7E}C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\lenovo\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6295BDE-6C60-4005-918E-94038912B913}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B6861ACB-75A1-4374-934D-EF64CF156157}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{AB958A45-C835-4F68-910B-3A8CE72446D6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{1FD4358D-AF2A-4EAD-B0F2-5BBF38FDD2F1}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/21/2021 04:45:27 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\Lenovo\Downloads\FRST64.exe ; Popis = Restore Point Created by FRST; Chyba = 0x80070422).

Error: (01/21/2021 04:34:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2021 01:33:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (01/21/2021 12:24:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2021 12:21:28 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\Lenovo\Downloads\adwcleaner_8.0.9.1.exe ; Popis = AdwCleaner_BeforeCleaning_21/01/2021_12:21:27; Chyba = 0x80070422).

Error: (01/21/2021 12:08:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/21/2021 11:50:21 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (01/21/2021 08:32:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (01/21/2021 04:47:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AcSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/21/2021 04:47:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AcPrfMgrSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/21/2021 04:45:57 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (01/21/2021 04:45:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/21/2021 04:45:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/21/2021 04:45:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Power Manager DBC Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/21/2021 04:45:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/21/2021 04:45:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2016-09-21 20:57:42.578
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=223449
Název:SoftwareBundler:Win32/Mizenota
ID:223449
Závažnost:Vysoké
Kategorie:Software instalující další produkty
Nalezeno v cestě:file:C:\Users\Lenovo\Downloads\Jon Henrik Daniels Jojk Full Song!.mp3__4958_il48098.exe
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-08-30 20:08:05.715
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.205.797.0
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.12002.0
Předchozí verze modulu:
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2015-08-30 20:08:05.714
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.12002.0
Předchozí verze modulu:
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050a004
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2015-08-30 20:02:46.127
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x80070715
Popis chyby:V souboru bitové kopie nelze nalézt zadaný typ prostředku.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-08-30 20:02:39.216
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070003
Popis chyby:Systém nemůže nalézt uvedenou cestu.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

CodeIntegrity:
===================================

Date: 2017-08-15 20:49:26.593
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-15 20:49:26.265
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-14 20:38:44.998
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-14 20:38:44.686
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-12 12:47:11.000
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-12 12:47:10.750
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-11 17:20:39.827
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-08-11 17:20:39.577
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO 7UET71WW (3.01 ) 05/15/2009
Motherboard: LENOVO 6474DR6
Processor: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
Percentage of memory in use: 64%
Total physical RAM: 3992.03 MB
Available physical RAM: 1403.7 MB
Total Virtual: 7982.24 MB
Available Virtual: 5086.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:8.67 GB) NTFS

\\?\Volume{10ed1ee2-be3e-11e3-acac-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: 5442AB4D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: opened a bad email, possible trojan, slowed-down PC, mess

#8 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:

FirewallRules: [{B6861ACB-75A1-4374-934D-EF64CF156157}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{AB958A45-C835-4F68-910B-3A8CE72446D6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{D780B532-73E7-4AD8-B690-7970CD288B5E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{971F11DE-3F1A-4330-B734-F327046556FB}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
S2 AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [X]
S2 AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [X]
S2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [X]
S2 LENOVO.MICMUTE; "C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe" [X]
S2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
S2 TPHKLOAD; "C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe" [X]
S2 TPHKSVC; "C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe" [X]
Task: {55F23D50-3CF3-4EAF-B5A0-165F8E41FC02} - \Adobe Flash Player Updater -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will be carried out, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, which is saved in the FRST location.
My new book BOTNETY is out! You can find information about it here: >> BOTNETY <<

---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz .
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

Vojta631
Visitor
Posts: 36
Joined: 13 Dec 2009 22:02

Re: opened a bad email, possible trojan, slowed-down PC, mess

#9 Post by Vojta631 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-01-2021
Ran by Lenovo (21-01-2021 18:02:19) Run:2
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

FirewallRules: [{B6861ACB-75A1-4374-934D-EF64CF156157}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{AB958A45-C835-4F68-910B-3A8CE72446D6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{D780B532-73E7-4AD8-B690-7970CD288B5E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
FirewallRules: [{971F11DE-3F1A-4330-B734-F327046556FB}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe => No File
S2 AcPrfMgrSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe [X]
S2 AcSvc; C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe [X]
S2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [X]
S2 LENOVO.MICMUTE; "C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe" [X]
S2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]
S2 TPHKLOAD; "C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe" [X]
S2 TPHKSVC; "C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe" [X]
Task: {55F23D50-3CF3-4EAF-B5A0-165F8E41FC02} - \Adobe Flash Player Updater -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B6861ACB-75A1-4374-934D-EF64CF156157}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB958A45-C835-4F68-910B-3A8CE72446D6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D780B532-73E7-4AD8-B690-7970CD288B5E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{971F11DE-3F1A-4330-B734-F327046556FB}" => removed successfully
HKLM\System\CurrentControlSet\Services\AcPrfMgrSvc => removed successfully
AcPrfMgrSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\AcSvc => removed successfully
AcSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\LENOVO.CAMMUTE => removed successfully
LENOVO.CAMMUTE => service removed successfully
HKLM\System\CurrentControlSet\Services\LENOVO.MICMUTE => removed successfully
LENOVO.MICMUTE => service removed successfully
HKLM\System\CurrentControlSet\Services\LENOVO.TPKNRSVC => removed successfully
LENOVO.TPKNRSVC => service removed successfully
HKLM\System\CurrentControlSet\Services\SUService => removed successfully
SUService => service removed successfully
HKLM\System\CurrentControlSet\Services\TPHKLOAD => removed successfully
TPHKLOAD => service removed successfully
HKLM\System\CurrentControlSet\Services\TPHKSVC => removed successfully
TPHKSVC => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55F23D50-3CF3-4EAF-B5A0-165F8E41FC02}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55F23D50-3CF3-4EAF-B5A0-165F8E41FC02}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully


The system needed a reboot.

==== End of Fixlog 18:02:20 ====

Diallix
Adviser
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: opened a bad email, possible trojan, slowed-down PC, mess

#10 Post by Diallix »

How is the computer doing?

Vojta631
Visitor
Posts: 36
Registered: 13 Dec 2009 22:02

Re: opened a bad email, possible trojan, slowed-down PC, mess

#11 Post by Vojta631 »

It's probably better, but something is still slowing it down, at least it seems that way to me... By the way, was there a trojan? Do you have any recommendation for what to do next with this old grandpa (old laptop)? Thanks.

Diallix
Adviser
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: opened a bad email, possible trojan, slowed-down PC, mess

#12 Post by Diallix »

In Task Manager, look at the processes that load the system the most - CPU / RAM.

How long have you had it?

Yes, there was spyware on the PC.

Vojta631
Visitor
Posts: 36
Registered: 13 Dec 2009 22:02

Re: opened a bad email, possible trojan, slowed-down PC, mess

#13 Post by Vojta631 »

Personally I don't see anything unusual in Task Manager... We've had it about ten years, I don't know exactly, my wife uses it :-) ... If you, as an expert, judge that it's fine, then thank you very much for the help.

Diallix
Adviser
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: opened a bad email, possible trojan, slowed-down PC, mess

#14 Post by Diallix »

Well, I no longer see anything in the logs. If it is 10 years old, its best days are probably behind it and it simply can't handle the applications.

Vojta631
Visitor
Posts: 36
Registered: 13 Dec 2009 22:02

Re: opened a bad email, possible trojan, slowed-down PC, mess

#15 Post by Vojta631 »

Thank you for the help.

Locked