VIRY.CZ

Prosím o kontrolu, zdá se mi, že je to trochu pomalejší..

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by Lenovo (administrator) on DESKTOP-NOA58GF (LENOVO 10EU0022MC) (09-04-2021 11:14:51)
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo
Platform: Windows 10 Pro Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <34>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxEM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7ad571204ec9fcd3\Intel_PIE_Service.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LENOVO -> ) C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe
(Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (Tim Kosse -> FileZilla Project)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-06-28] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [4146024 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Uninstall 21.030.0211.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\amd64"
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\RunOnce: [Uninstall 21.030.0211.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\21.030.0211.0002"
HKLM\...\Windows x64\Print Processors\MIPR64_Q: C:\Windows\System32\spool\prtprocs\x64\MIPR64_Q.DLL [56832 2013-02-25] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\...\Print\Monitors\MLMN64_Q: C:\Windows\system32\MLMN64_Q.DLL [115200 2013-02-25] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC. -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F083838-D9A8-4B95-8418-2382754E69ED} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {2B206E6C-9C8F-4FF9-8522-8A70F710FB15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {328AF4A7-1645-4F24-9863-950A0115519C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4863C332-5D63-489E-B697-C4A4C9A3F904} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4002240 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {65F50074-C63E-4CF0-AAA2-10C574CA3A3C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E24764B-E8A1-4370-BD66-3078FDE9E07B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114008 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {86D13D96-82BF-4C90-86C4-0ACA7259611A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {90851978-BB28-4C18-9B83-D4AA2BFAE67C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-04-06] (Avast Software s.r.o. -> Avast Software)
Task: {A9C61474-C6A3-45E8-BBE1-5CC6F56BFB8F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
Task: {ADD05CBA-F6E8-4966-88EA-4FCCE2F95899} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758224 2021-02-22] (Lenovo -> )
Task: {B03FCF3E-8AFD-4B01-BF6F-9C633BBAC930} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {BAC45717-4088-40C4-A461-64B910D5B6C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {D76EC9B9-7A78-4388-A863-FAF865A688D4} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
Task: {E9DDF7AD-B6E5-4432-9BC2-304882F3B172} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF7A10CE-B0EE-4AC4-BB45-C7EC944B1114} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F95990EE-863A-4367-894D-935FEEADF2FC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cb0048aa-817b-4c7d-a9b0-af203f01f0c8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d05bc245-e639-48a3-b625-0fc4810a0438}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-12]
Edge Extension: (Outlook) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-14]
Edge Extension: (Word) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-14]
Edge Extension: (Excel) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-14]
Edge Extension: (PowerPoint) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-14]

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2021-04-09]
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-05]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-05]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-11]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-05]
CHR Extension: (Tabulky) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [136040 2019-05-17] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 BtLockerService; C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe [44432 2016-01-22] (LENOVO -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project)
R2 LBAEvent; C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe [27392 2015-06-03] (LENOVO -> Lenovo)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-04-06] (McAfee, LLC -> McAfee, LLC)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [67032 2019-02-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [30432 2017-04-29] (Lenovo -> Lenovo)
R3 MpKsl5551a44d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D465F6C-FC23-4E1A-B845-EED4BA58C1DE}\MpKslDrv.sys [90360 2021-03-30] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl934b725f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{997DDAF5-3499-466D-9D87-3EE6F8EA28C8}\MpKslDrv.sys [90360 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-09 11:15 - 2021-04-09 11:15 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64 (3).exe
2021-04-09 11:14 - 2021-04-09 11:15 - 000022726 _____ C:\Users\Lenovo\Downloads\FRST.txt
2021-04-09 11:14 - 2021-04-09 11:15 - 000000000 ____D C:\FRST
2021-04-09 11:14 - 2021-04-09 11:14 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64 (2).exe
2021-04-09 11:14 - 2021-04-09 11:14 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64 (1).exe
2021-04-09 11:13 - 2021-04-09 11:13 - 002298368 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2021-04-09 08:33 - 2021-04-09 08:33 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Topaz Labs LLC
2021-04-08 10:46 - 2021-04-08 10:46 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Topaz Labs LLC
2021-04-08 10:45 - 2021-04-08 10:45 - 000002219 _____ C:\ProgramData\Desktop\Topaz DeNoise AI.lnk
2021-04-08 10:45 - 2021-04-08 10:45 - 000000000 ____D C:\ProgramData\Topaz Labs LLC
2021-04-08 10:45 - 2021-04-08 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz DeNoise AI
2021-04-08 10:45 - 2021-04-08 10:45 - 000000000 ____D C:\Program Files\Topaz Labs LLC
2021-04-08 10:43 - 2021-04-08 10:43 - 000000000 ____D C:\Users\Lenovo\Desktop\odšum
2021-04-07 13:48 - 2021-04-07 13:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2021-04-07 13:08 - 2021-01-25 17:26 - 008809320 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw06.sys
2021-04-07 13:08 - 2021-01-25 17:26 - 002635224 _____ C:\WINDOWS\system32\Drivers\Netwfw06.dat
2021-04-07 13:08 - 2021-01-25 17:26 - 001422184 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter06.dll
2021-04-06 16:10 - 2021-04-06 16:10 - 000184726 _____ C:\Users\Lenovo\Desktop\Invoice RE3217.pdf
2021-04-06 14:51 - 2021-04-06 14:51 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-04-06 14:51 - 2021-04-06 14:51 - 000002152 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-04-06 14:51 - 2021-04-06 14:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Avast Software
2021-04-06 14:50 - 2021-04-06 14:50 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-04-06 14:50 - 2021-04-06 14:50 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-04-06 14:50 - 2021-04-06 14:50 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-06 14:50 - 2021-04-06 14:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-06 14:50 - 2021-04-06 14:50 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-04-06 14:50 - 2021-04-06 14:50 - 000000000 ____D C:\Program Files\Avast Software
2021-04-06 14:49 - 2021-04-06 16:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\FileZilla
2021-04-06 14:49 - 2021-04-06 14:51 - 000000000 ____D C:\Users\Lenovo\AppData\Local\FileZilla
2021-04-06 14:49 - 2021-04-06 14:51 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\ProgramData\McAfee
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\Program Files\McAfee
2021-04-06 14:49 - 2021-04-06 14:49 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2021-04-06 14:46 - 2021-04-06 14:46 - 014202144 _____ (Tim Kosse) C:\Users\Lenovo\Downloads\FileZilla_3.53.1_win64_sponsored-setup.exe
2021-04-06 14:16 - 2021-04-06 14:16 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\FileZilla Server
2021-04-06 14:13 - 2021-04-06 14:13 - 000002156 _____ C:\ProgramData\Desktop\FileZilla Server Interface.lnk
2021-04-06 14:13 - 2021-04-06 14:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2021-04-06 14:13 - 2021-04-06 14:13 - 000000000 ____D C:\Program Files (x86)\FileZilla Server
2021-04-06 14:12 - 2021-04-06 14:12 - 002241216 _____ (FileZilla Project) C:\Users\Lenovo\Downloads\FileZilla_Server-0_9_60_2.exe
2021-03-28 17:54 - 2021-04-02 15:03 - 000000000 ____D C:\Users\Lenovo\Desktop\piknik
2021-03-23 20:36 - 2021-04-07 18:40 - 000030872 _____ C:\Users\Lenovo\Desktop\hory-povídka.txt
2021-03-22 10:46 - 2021-03-22 10:47 - 001156780 _____ C:\WINDOWS\Minidump\032221-9046-01.dmp
2021-03-21 22:42 - 2021-03-21 22:42 - 000975644 _____ C:\WINDOWS\Minidump\032121-17968-01.dmp
2021-03-10 01:41 - 2021-03-10 01:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-10 01:41 - 2021-03-10 01:41 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-10 01:40 - 2021-03-10 01:40 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-10 01:40 - 2021-03-10 01:40 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-10 01:40 - 2021-03-10 01:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-10 01:40 - 2021-03-10 01:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-10 01:40 - 2021-03-10 01:40 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-10 01:40 - 2021-03-10 01:40 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-10 01:40 - 2021-03-10 01:40 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-09 11:16 - 2020-03-07 21:45 - 000000000 ____D C:\ProgramData\Adguard
2021-04-09 11:11 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 11:03 - 2020-07-04 17:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-09 09:31 - 2020-07-04 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-09 08:33 - 2021-01-17 23:01 - 000000000 ____D C:\Users\Lenovo\AppData\Local\cache
2021-04-09 08:33 - 2020-03-07 22:55 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2021-04-08 19:25 - 2020-04-05 11:20 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-04-08 18:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-08 10:45 - 2020-03-07 20:15 - 000000000 ____D C:\ProgramData\Package Cache
2021-04-07 13:12 - 2020-07-04 18:03 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-07 13:12 - 2019-12-07 16:43 - 000716890 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-07 13:12 - 2019-12-07 16:43 - 000145068 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-07 13:12 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-07 13:08 - 2020-01-29 18:30 - 000000000 ____D C:\WINDOWS\TempInst
2021-04-07 13:07 - 2020-01-29 18:28 - 000000000 ____D C:\Program Files (x86)\Intel
2021-04-06 18:36 - 2020-07-04 18:05 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625998006-2303437307-2170556659-1003
2021-04-06 18:36 - 2020-07-04 15:56 - 000002413 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-06 18:36 - 2020-03-06 21:04 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2021-04-06 14:50 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-03 13:22 - 2020-06-23 23:14 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-03 13:22 - 2020-06-23 23:14 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-03 13:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-02 06:47 - 2020-04-05 10:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-02 06:47 - 2020-04-05 10:26 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-03-30 22:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-22 10:47 - 2020-12-07 04:32 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-22 10:47 - 2020-03-07 21:45 - 000000000 ____D C:\Program Files (x86)\Adguard
2021-03-22 10:46 - 2020-07-04 18:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-22 10:46 - 2020-07-04 17:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-22 10:46 - 2020-05-14 00:01 - 785559591 _____ C:\WINDOWS\MEMORY.DMP
2021-03-22 10:46 - 2020-04-16 15:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-22 10:46 - 2020-03-02 19:39 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2021-03-21 22:43 - 2020-07-04 15:56 - 000000000 ____D C:\Users\Lenovo
2021-03-16 10:29 - 2020-01-29 18:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-13 01:44 - 2020-01-29 18:30 - 000000000 ____D C:\ProgramData\Lenovo
2021-03-13 01:42 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-12 14:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 14:06 - 2020-07-04 18:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-03-10 14:06 - 2020-05-20 17:47 - 000001921 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2021-03-10 14:06 - 2020-01-29 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2021-03-10 14:06 - 2020-01-29 18:30 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-03-10 02:06 - 2020-07-04 17:59 - 004963936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-10 02:05 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-10 02:05 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-10 02:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-10 01:32 - 2020-04-05 11:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 01:31 - 2020-04-05 11:09 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2020-03-07 21:45 - 2020-07-04 19:30 - 000000227 _____ () C:\ProgramData\fontcacheev1.dat
2020-04-05 11:30 - 2020-04-05 11:30 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by Lenovo (09-04-2021 11:16:56)
Running from C:\Users\Lenovo\Downloads
Windows 10 Pro Version 2004 19041.867 (X64) (2020-07-04 16:05:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-3625998006-2303437307-2170556659-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3625998006-2303437307-2170556659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3625998006-2303437307-2170556659-503 - Limited - Disabled)
Guest (S-1-5-21-3625998006-2303437307-2170556659-501 - Limited - Disabled)
Lenovo (S-1-5-21-3625998006-2303437307-2170556659-1003 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-3625998006-2303437307-2170556659-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

888poker.de (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\888poker.de) (Version: 1.1.2.33 - 888)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.0.2617.6509 - Adguard Software Ltd) Hidden
AdGuard (HKLM-x32\...\{e04bd71c-22b2-4453-b5da-99804065a4b9}) (Version: 7.0.2617.6509 - Adguard Software Ltd)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3) (Version: 8.3 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_6) (Version: 20.0.6 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
CrystalDiskInfo 6.7.5 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.5 - Crystal Dew World)
DxO PhotoLab 2 (HKLM\...\{E9CD9A75-02FC-4921-83A6-F57C892C2250}) (Version: 2.3.2 - DxO)
DxO PhotoLab 3 (HKLM\...\{ED095DD7-92AD-46C3-94D7-F8BFD2105CC4}) (Version: 3.1.0 - DxO)
DxO PhotoLab 3 plug-in for Adobe Lightroom (HKLM-x32\...\{3999E0D5-12DC-4ACC-B07F-62B3DECFB5B2}) (Version: 1.0.50 - DxO Labs)
Excel (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.60 - FileZilla Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
KONICA MINOLTA PagePro 1350W (HKLM\...\KONICA MINOLTA PagePro 1350W) (Version: - )
Kuki (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Kuki) (Version: 20151105.000 - SMART Comp. a.s.)
LBAI (HKLM-x32\...\{C5C91B7B-38A6-40B7-84D6-E44885E44B13}_is1) (Version: 1.0.0.9 - Lenovo Group Limited)
Lenovo Bluetooth Lock (HKLM\...\{77A3D1F8-B521-40E6-9A51-E53C2FDBA2A9}_is1) (Version: 2.0.1.0527 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0118 - Lenovo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0008 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 2.3.1 - DxO)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerPoint (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
Topaz DeNoise AI (HKLM\...\Topaz DeNoise AI 3.0.3) (Version: 3.0.3 - Topaz Labs LLC)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.582 - McAfee, LLC)
Windows 10 Manager (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Windows 10 Manager 3.2.5) (Version: 3.2.5 - Yamicsoft)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 19.3 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 19.3 - WinTools Software Engineering, Ltd.)
Word (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.8.12113.0_x64__8wekyb3d8bbwe [2021-01-07] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxDTCM.dll [2017-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2020-03-07 20:21 - 2017-03-14 17:51 - 001714688 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2015-08-18 15:19 - 2015-08-18 15:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-08-18 15:20 - 2015-08-18 15:20 - 000285184 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2017-11-01 22:58 - 2017-11-01 22:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2017-02-06 15:25 - 2017-02-06 15:25 - 001412608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\libeay32.dll
2017-02-06 15:25 - 2017-02-06 15:25 - 000365056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\FileZilla Server\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-04-06] (McAfee, LLC -> McAfee, LLC)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-04-06] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-04-08 11:51 - 2021-04-08 11:51 - 000003495 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 api.adguard.com
127.0.0.1 api-b.adguard.com
127.0.0.1 api-c.adguard.com
127.0.0.1 api-d.adguard.com
127.0.0.1 192.150.14.69
127.0.0.1 192.150.18.101
127.0.0.1 192.150.18.108
127.0.0.1 192.150.22.40
127.0.0.1 192.150.8.100
127.0.0.1 192.150.8.118
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9F285AE1-A050-49FD-942C-1D40A74D117D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7EA9DB1B-1051-4E4C-A816-D3F6996E63DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E163A9D5-A39E-4CCB-95D5-7A17C3DE8450}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{78F5508F-1C99-4DEA-B689-5DB7C7891E6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{393D21D2-CF1F-43C9-8C73-6E3C524B0736}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Ltd)
FirewallRules: [{E24C7F9D-191E-4106-8F82-219BD6CD7DD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B5357FC7-7A2D-4471-A429-262F144C4ACC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66A52BA1-23FD-426D-A205-BD46459569C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{192E778E-E66D-43C0-93E9-09AB8AE96558}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{214D19CB-D7B5-4735-A6EB-DD346B07124B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70902657-BF08-4891-8607-F8E8E34CF0D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58039A0D-C2D4-4B67-BFDB-92E2892CE6FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE2548C7-6F5B-42A4-868B-D11E96220A12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.125.559.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FA9E7CF8-CD81-4744-933A-E8CD15CE4BC4}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [{CE76BF83-9AE6-48F3-A4DE-1CF11C520188}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{141D2A64-BBD3-49CE-9906-60D4029A1E71}C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe => No File
FirewallRules: [UDP Query User{2697AAE7-CE99-443F-B47A-0A9783C1F0B1}C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_storage-utility-windows_5-1-0-2_all_en_20120110\d-link storage utility(5.1.0.2)_20110728.exe => No File
FirewallRules: [TCP Query User{49E1B236-D6C6-4604-AC05-900A31AA16D7}C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe => No File
FirewallRules: [UDP Query User{A829636B-5451-4F75-A034-EF8F2CB3AC66}C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe] => (Allow) C:\users\lenovo\downloads\dns-320_sw_revall_setup-wizard_1-0-4-2_all_en_20120110\dns-320_setup_wizard_eu_v1.0.4.2_09012011\setup wizard.exe => No File
FirewallRules: [{EC54B018-FA07-439B-86ED-0E8BF336FFAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1075410C-DB95-42F9-84C1-4E0EDBD9E7EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15BC0265-45C6-4088-9932-4C72E5C56325}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C7EE1E0B-85CF-497B-BAC9-A27BD7BDC1E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{232ADABF-1CCF-4ACD-8F39-49F7221EA4E5}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{9C111E74-2656-4128-9B29-CC9E1BA44F73}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{27780D90-086D-44DC-96CF-77A8FA1FCFCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-03-2021 21:07:44 Naplánovaný kontrolní bod
30-03-2021 18:08:05 Naplánovaný kontrolní bod
07-04-2021 13:07:31 Drivers Installation

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/07/2021 01:48:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xb850de5d
Název chybujícího modulu: combase.dll, verze: 10.0.19041.844, časové razítko: 0x98fb6ff0
Kód výjimky: 0xc0000005
Posun chyby: 0x0010be82
ID chybujícího procesu: 0x3cec
Čas spuštění chybující aplikace: 0x01d72addcb366ee8
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 75842bb0-bf5e-49a9-ad94-77e2633edcae
Úplný název chybujícího balíčku: Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c
ID aplikace související s chybujícím balíčkem: App

Error: (04/05/2021 08:59:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/28/2021 06:53:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/21/2021 07:53:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/10/2021 03:57:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/01/2021 10:33:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/24/2021 06:52:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/17/2021 07:51:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Nový svazek (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (04/06/2021 02:13:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba FileZilla Server FTP server je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/31/2021 06:37:41 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: Následující služba přestala opakovaně odpovídat na požadavky řízení služby: Služba Antivirová ochrana v programu Microsoft Defender

Kontaktujte dodavatele služby nebo správce systému a poraďte se s nimi, zda je vhodné službu vypnout, dokud nebude zjištěna příčina problému.

Před vypnutím služby bude pravděpodobně nutné restartovat počítač v nouzovém režimu.

Error: (03/31/2021 07:32:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 07:30:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 06:46:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 06:44:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/31/2021 06:42:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).

Error: (03/30/2021 10:35:12 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového limitu (120000 ms).


Windows Defender:
================
Date: 2021-04-06 12:06:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2D12543-D6D0-43C1-9F37-540B710FEE4C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-05 11:37:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A009C884-1363-4C68-BEB8-463316553AD3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-04 10:47:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B55FE0AC-E427-48BE-BDA1-2F30FB9E3297}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-03 10:46:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3975D626-EE1B-4D31-9470-94B9FD013231}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-04-02 10:40:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1453B288-60DC-4DEB-AFFF-7D47EF681FC7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-04-09 11:15:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO LENOVO - 1400 12/25/2019
Motherboard: LENOVO 30BB
Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 72%
Total physical RAM: 8099.58 MB
Available physical RAM: 2213.01 MB
Total Virtual: 20402.45 MB
Available Virtual: 8180.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.94 GB) (Free:100.04 GB) NTFS
Drive d: () (Removable) (Total:7.39 GB) (Free:4.53 GB) FAT32
Drive f: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:282.61 GB) NTFS

\\?\Volume{378c6390-6e10-4618-911f-52c0938791b6}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{d388f1c1-f359-44f9-9ca7-530530751557}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 01DAAFA2)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0CBB1DFF)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-12-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1978 octets] - [08/03/2021 09:32:06]
AdwCleaner[C00].txt - [1634 octets] - [08/03/2021 09:33:04]
AdwCleaner[S01].txt - [2060 octets] - [12/04/2021 11:11:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Provedl jsem, počítač se restartoval, ale bohužel nikde nemohu najít fixlog.txt Co s tím?

Dajte sem nove logy FRST +ADDITION, uvidime ci odmazalo.

Temu zamykam.