VIRY.CZ

dekuji za omrknuti, klikla jsem omylem na nejakou stranku, coz jsem nemela, ted mi tak skacou v dlnim pravem rohu ruzne vyzvy, reklamy atd.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2021
Ran by A (30-08-2021 14:12:58)
Running from C:\Users\A\Downloads
Windows 10 Pro Version 20H2 19042.1165 (X64) (2021-02-08 13:23:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

A (S-1-5-21-778287325-1988700057-2922616860-1001 - Administrator - Enabled) => C:\Users\A
Administrator (S-1-5-21-778287325-1988700057-2922616860-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-778287325-1988700057-2922616860-503 - Limited - Disabled)
Guest (S-1-5-21-778287325-1988700057-2922616860-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-778287325-1988700057-2922616860-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
BankID Security Application (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.10.0.13 - Finansiell ID-Teknik BID AB)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
Installation av Handelsbankens kortläsare (HKLM-x32\...\{79FDF571-BBC9-4E6C-8297-91CCDC7B7023}) (Version: 1.01.0000 - Todos Data System AB)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft 365-appar för företag - sv-se (HKLM\...\O365ProPlusRetail - sv-se) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.14228.20222 - Microsoft Corporation) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
VdhCoApp 1.6.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Zoom (HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\ZoomUMX) (Version: 5.6.1 (617) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-31] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0 [2021-08-25] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-778287325-1988700057-2922616860-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\A\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-02-26 12:13 - 2021-02-26 12:13 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-02-26 12:13 - 2021-02-26 12:13 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-02-20 06:17 - 2021-02-20 06:17 - 000217600 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_asym.dll
2021-02-20 06:17 - 2021-02-20 06:17 - 000404480 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base.dll
2021-02-20 06:17 - 2021-02-20 06:17 - 000379904 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_base_non_fips.dll
2021-02-20 06:17 - 2021-02-20 06:17 - 000504320 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\ccme_ecc.dll
2021-02-20 06:17 - 2021-02-20 06:17 - 000218624 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\cryptocme.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\sharepoint.com -> hxxps://soscv-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-02-08 15:13 - 2021-02-08 15:11 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-778287325-1988700057-2922616860-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{19A2DC23-8ADC-490A-91B2-F55F5A39A8F2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{341A9A57-9999-41C3-AE02-3E9193F3A0BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{39B840B5-E991-47BE-9DB1-0F6B3C93B962}C:\users\a\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\a\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0F402B97-2A5E-4F8B-89D8-07AD191078A0}C:\users\a\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\a\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{921E5673-53FA-44EA-B487-D8D30BFC68FB}] => (Allow) C:\Users\A\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6263BBB3-D214-4966-85D4-8035C2EC0CC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{390C1A7C-898F-4700-9F91-180E302647C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6DBD61C1-CA21-4648-87EE-90D81ADC5771}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0DED2296-F298-4BD4-B385-DC6697BEEDE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B28D5F97-0679-4683-B16D-FEAC51FE55EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF2D343F-E960-4501-995A-5141257DCD44}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBE14430-C48E-4736-BF58-9E1F4408A914}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD2DB445-C37D-45CE-A07F-61FB27282773}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC9E4337-4B0E-41D9-A300-1BC323D621C2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CA261B-B77C-4280-A590-5A0628A6D637}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E39488D9-4D6F-4B1C-AFDE-190536827E65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D00A4B38-246C-40D2-B0E8-7195B314E1FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{700B7549-FC62-4DF9-AD01-EE7F7D7E149F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BDC282F-2D19-4076-B734-BE76C8030E50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF903F66-0138-4EF2-BB62-FF9468C67713}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0028C620-84D6-4656-B621-4D65701036CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{016BD453-E2EE-4876-A4B5-D3DF0BBC0B00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C11EC931-03BC-4C1F-A183-407DDAE2F668}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49BEF8D6-8F0F-4283-A2C8-8132EB998EAC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.84\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

13-08-2021 10:44:33 Windows Modules Installer
20-08-2021 18:17:54 Scheduled Checkpoint
29-08-2021 22:07:14 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Data Acquisition and Signal Processing Controller
Description: PCI Data Acquisition and Signal Processing Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/10/2021 07:41:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3328

Start Time: 01d78707be1aeb85

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: ed470285-3aac-4247-a7b2-11d501688a98

Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Hang type: Quiesce

Error: (07/22/2021 01:40:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 19.3.4.228, time stamp: 0x6094e1cf
Faulting module name: SynTPEnh.exe, version: 19.3.4.228, time stamp: 0x6094e1cf
Exception code: 0xc0000005
Fault offset: 0x000000000000323f
Faulting process ID: 0x1474
Faulting application start time: 0x01d77c0c7928d36c
Faulting application path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Faulting module path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Report ID: 45858eb1-9002-48b3-bb92-8dfea0523a9d
Faulting package full name:
Faulting package-relative application ID:

Error: (07/21/2021 11:38:02 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (07/21/2021 11:38:02 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/05/2021 10:57:50 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (07/05/2021 10:57:50 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/22/2021 11:24:54 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (06/22/2021 11:24:54 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (08/30/2021 01:58:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Lenovo - Extension - 10/24/2018 12:00:00 AM - 1.0.1.0.

Error: (08/29/2021 07:47:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Lenovo - Extension - 10/24/2018 12:00:00 AM - 1.0.1.0.

Error: (08/27/2021 02:37:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Lenovo - Extension - 10/24/2018 12:00:00 AM - 1.0.1.0.

Error: (08/26/2021 07:38:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Lenovo - Extension - 10/24/2018 12:00:00 AM - 1.0.1.0.

Error: (08/24/2021 09:52:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Lenovo - Extension - 10/24/2018 12:00:00 AM - 1.0.1.0.

Error: (08/24/2021 04:56:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: HP - USB - 3/27/2019 12:00:00 AM - 13.54.20.543.

Error: (08/23/2021 05:45:24 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Lenovo Giga Ethernet, {5f40ba40-533b-40e9-a716-052483b58667}, had event 73

Error: (08/23/2021 03:39:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: Lenovo - Extension - 10/24/2018 12:00:00 AM - 1.0.1.0.


Windows Defender:
================
Date: 2021-08-30 13:58:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-29 22:05:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-28 12:42:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-27 12:51:06
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-26 13:34:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-30 08:07:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.99.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-30 08:07:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.99.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-30 08:07:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

==================== Memory info ===========================

BIOS: LENOVO N14ET52W (1.30 ) 08/28/2019
Motherboard: LENOVO 20BTS1R400
Processor: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
Percentage of memory in use: 82%
Total physical RAM: 8071.21 MB
Available physical RAM: 1415.81 MB
Total Virtual: 14215.21 MB
Available Virtual: 2277.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.07 GB) (Free:99.3 GB) NTFS

\\?\Volume{d2838311-cd2f-4edb-9ef1-d894883bec59}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{f8413ecd-8101-490b-ad4f-71d599fcd5b1}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 167.7 GB) (Disk ID: BD4CA2EF)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2021
Ran by A (administrator) on DESKTOP-V7NF5M6 (LENOVO 20BTS1R400) (30-08-2021 14:11:14)
Running from C:\Users\A\Downloads
Loaded Profiles: A
Platform: Windows 10 Pro Version 20H2 19042.1165 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <55>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <24>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\A\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\A\AppData\Local\Microsoft\Teams\Update.exe [2454240 2021-07-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\A\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\A\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\RunOnce: [Uninstall 21.150.0725.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\A\AppData\Local\Microsoft\OneDrive\21.150.0725.0001"
HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\RunOnce: [Uninstall 21.160.0808.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\A\AppData\Local\Microsoft\OneDrive\21.160.0808.0001"
HKLM\...\Windows x64\Print Processors\shj2mPC: C:\Windows\System32\spool\prtprocs\x64\shj2mpc.dll [65256 2019-04-01] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\shj2m Langmon: C:\WINDOWS\system32\shj2mlm.dll [44264 2019-04-01] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-19] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E8E41B8-AFD2-4A41-9655-60680F77FC2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {2D3A609C-D049-4001-BEFD-3C0A870B0003} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A2BE6C2-E3F4-4B58-9C20-B07455D2654A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {468A783A-023F-4DCD-8B33-1C48DF177996} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {54C0F3D7-12EE-4B00-98E3-5C0EB979AA5A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617584 2020-04-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {59822796-2751-4BA0-A010-C35D5BCFC660} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66078E9D-B28D-473A-BA4A-0819591D34AA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D3BAFE9-2268-4D84-B176-10289BEDDEBE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {73B0BFC8-86B4-446F-AB44-0931FDAD8CB5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A40AE571-562F-4511-A34B-FD891DB06FD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {B00317DE-B765-43D2-83E6-FE2DE83D28A0} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617584 2020-04-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B108F09D-0EC0-489A-9588-E007862275DF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722536 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D01842C7-0EE1-4EC5-B6E6-FB0292C54191} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D425AB10-4345-47B3-9E5F-FAC43B7D9E55} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722536 2021-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E252C6D2-4452-467B-B39A-5BDBBD086F86} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225248 2017-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
Task: {E469A262-F8B5-41F9-83C4-1966CF59FECE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC22B51E-5EC4-4CF2-BDFB-A704DA95EA31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{a444201f-da03-4fc3-9f12-69083a7c2b85}: [DhcpNameServer] 192.168.10.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\A\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-30]
Edge Notifications: Default -> hxxps://captchaverifier.top

FireFox:
========
FF DefaultProfile: wuydc3is.default
FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\wuydc3is.default [2021-07-29]
FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\qt2z2wn1.default-release [2021-07-29]
FF Extension: (Video DownloadHelper) - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\qt2z2wn1.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-04-29]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\A\AppData\Local\Google\Chrome\User Data\Default [2021-08-30]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://captchadecode.com; hxxps://meet.google.com
CHR HomePage: Default -> hxxp://search.findwide.com/?guid={85EE7439-38F2-48C5-8D6E-0748D8390267}&serpv=22
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... google.com"
CHR Extension: (Chrome Web Store Payments) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-19] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90328 2020-09-30] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Tdsshbecr; C:\WINDOWS\System32\drivers\shbecr.sys [38496 2017-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-30 14:11 - 2021-08-30 14:11 - 000016681 _____ C:\Users\A\Downloads\FRST.txt
2021-08-30 14:08 - 2021-08-30 14:09 - 002301440 _____ (Farbar) C:\Users\A\Downloads\FRST64.exe
2021-08-27 12:19 - 2021-08-27 12:19 - 000053720 _____ C:\Users\A\Downloads\Inskrivningsintyg.pdf
2021-08-16 07:21 - 2021-08-16 07:21 - 001522828 _____ C:\WINDOWS\Minidump\081621-7906-01.dmp
2021-08-15 10:47 - 2021-08-15 10:47 - 001502420 _____ C:\WINDOWS\Minidump\081521-8265-01.dmp
2021-08-13 10:56 - 2021-08-13 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 10:56 - 2021-08-13 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 10:56 - 2021-08-13 10:56 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-13 10:56 - 2021-08-13 10:56 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-13 10:56 - 2021-08-13 10:56 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 10:56 - 2021-08-13 10:56 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-13 10:56 - 2021-08-13 10:56 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-13 10:45 - 2021-08-13 10:45 - 000000000 ___HD C:\$WinREAgent
2021-08-10 06:47 - 2021-08-10 06:47 - 000000000 ____D C:\Users\A\AppData\Local\cache
2021-08-05 14:12 - 2021-08-05 14:12 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 14:12 - 2021-08-05 14:12 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-04 14:33 - 2021-08-04 14:33 - 000348378 _____ C:\Users\A\Downloads\Slutskattebesked.pdf
2021-08-01 20:20 - 2021-08-01 20:20 - 001228492 _____ C:\WINDOWS\Minidump\080121-14296-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-30 14:11 - 2021-07-29 08:10 - 000000000 ____D C:\FRST
2021-08-30 13:42 - 2021-02-24 08:54 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-30 12:58 - 2021-02-08 15:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-28 19:13 - 2021-02-17 20:47 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-778287325-1988700057-2922616860-1001
2021-08-28 19:13 - 2021-02-17 20:47 - 000000000 ___RD C:\Users\A\OneDrive
2021-08-28 19:13 - 2021-02-17 20:43 - 000002367 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-27 21:39 - 2021-02-17 20:43 - 000000000 ____D C:\Users\A\AppData\Local\Packages
2021-08-27 18:50 - 2021-02-08 15:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-27 18:50 - 2021-02-08 15:22 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-27 08:40 - 2021-02-28 22:21 - 000000000 ____D C:\Users\A\AppData\LocalLow\Temp
2021-08-26 18:07 - 2021-02-08 15:13 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-26 18:07 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-25 17:30 - 2021-03-02 07:06 - 000000000 ____D C:\Users\A\Documents\flat_Alby
2021-08-25 15:27 - 2021-02-08 15:12 - 000000000 ____D C:\WINDOWS\INF
2021-08-24 17:01 - 2021-02-24 09:19 - 000687848 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-24 17:01 - 2021-02-24 09:19 - 000141456 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-24 17:01 - 2021-02-24 09:14 - 000684554 _____ C:\WINDOWS\system32\perfh01D.dat
2021-08-24 17:01 - 2021-02-24 09:14 - 000142014 _____ C:\WINDOWS\system32\perfc01D.dat
2021-08-24 17:01 - 2021-02-17 20:46 - 002412730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-23 11:23 - 2021-03-02 07:05 - 000000000 ____D C:\Users\A\Documents\jobs
2021-08-19 08:29 - 2021-02-24 08:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-19 08:29 - 2021-02-24 08:55 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-18 13:05 - 2021-03-03 14:20 - 000000000 ____D C:\Users\A\Desktop\vyhodit
2021-08-18 10:45 - 2021-02-08 15:21 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 10:45 - 2021-02-08 15:21 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-17 17:09 - 2021-03-02 07:06 - 000000000 ____D C:\Users\A\Documents\finance
2021-08-16 07:29 - 2021-02-08 15:13 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-16 07:28 - 2021-07-29 16:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-16 07:28 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-16 07:21 - 2021-03-01 09:56 - 621338510 _____ C:\WINDOWS\MEMORY.DMP
2021-08-16 07:21 - 2021-03-01 09:56 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-16 07:21 - 2021-02-24 06:57 - 000000000 ____D C:\ProgramData\Synaptics
2021-08-16 07:21 - 2021-02-08 15:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-16 07:21 - 2021-02-08 15:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-13 22:22 - 2021-02-08 15:20 - 000440784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-13 22:22 - 2021-02-08 15:08 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-13 22:22 - 2021-02-08 15:08 - 000000000 ____D C:\WINDOWS\servicing
2021-08-13 22:21 - 2021-02-17 20:43 - 000000000 ____D C:\Users\A
2021-08-13 22:05 - 2021-02-25 08:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 11:00 - 2021-02-08 15:09 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-13 10:44 - 2021-02-25 08:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 10:35 - 2021-02-25 08:16 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 10:31 - 2021-03-02 07:06 - 000000000 ____D C:\Users\A\Documents\car
2021-08-10 19:51 - 2021-02-26 12:08 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-04 12:02 - 2021-02-08 15:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 09:40 - 2021-02-24 09:25 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-01 20:22 - 2021-02-08 15:13 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-01 20:20 - 2021-02-24 11:24 - 000000000 __SHD C:\Users\A\IntelGraphicsProfiles

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-30-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 3
# Failed: 4


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted http://search.findwide.com/?guid={85EE7 ... }&serpv=22
Deleted http://search.findwide.com/?guid={85EE7 ... }&serpv=22
Deleted youndoo
Not Deleted FindWide
Not Deleted FindWide
Not Deleted vi-view
Not Deleted vi-view

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1805 octets] - [29/07/2021 11:02:18]
AdwCleaner[C00].txt - [1867 octets] - [29/07/2021 11:02:39]
AdwCleaner[S01].txt - [1927 octets] - [30/08/2021 21:32:14]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-30-2021
# Duration: 00:00:10
# OS: Windows 10 Pro
# Scanned: 31959
# Detected: 7


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy FindWide
PUP.Optional.Legacy FindWide
PUP.Optional.Legacy http://search.findwide.com/?guid={85EE7 ... }&serpv=22
PUP.Optional.Legacy http://search.findwide.com/?guid={85EE7 ... }&serpv=22
PUP.Optional.Legacy vi-view
PUP.Optional.Legacy vi-view
PUP.Optional.Legacy youndoo

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1805 octets] - [29/07/2021 11:02:18]
AdwCleaner[C00].txt - [1867 octets] - [29/07/2021 11:02:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

nepomohl to, porad mi tak chodi ty reklamy

Nalezené položky smažte, nebo dejte do karantény. Pak restartujte a dejte nové logy FRST+Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-08-2021
Ran by A (30-08-2021 22:07:59)
Running from C:\Users\A\Downloads
Windows 10 Pro Version 20H2 19042.1165 (X64) (2021-02-08 13:23:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

A (S-1-5-21-778287325-1988700057-2922616860-1001 - Administrator - Enabled) => C:\Users\A
Administrator (S-1-5-21-778287325-1988700057-2922616860-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-778287325-1988700057-2922616860-503 - Limited - Disabled)
Guest (S-1-5-21-778287325-1988700057-2922616860-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-778287325-1988700057-2922616860-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
BankID Security Application (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.10.0.13 - Finansiell ID-Teknik BID AB)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.159 - Google LLC)
Installation av Handelsbankens kortläsare (HKLM-x32\...\{79FDF571-BBC9-4E6C-8297-91CCDC7B7023}) (Version: 1.01.0000 - Todos Data System AB)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft 365-appar för företag - sv-se (HKLM\...\O365ProPlusRetail - sv-se) (Version: 16.0.14326.20238 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.84 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\OneDriveSetup.exe) (Version: 21.160.0808.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Mozilla Firefox 88.0 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0 (x64 en-US)) (Version: 88.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
VdhCoApp 1.6.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Zoom (HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\ZoomUMX) (Version: 5.6.1 (617) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-02-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-02-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-31] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0 [2021-08-25] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-778287325-1988700057-2922616860-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\A\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\sharepoint.com -> hxxps://soscv-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-02-08 15:13 - 2021-02-08 15:11 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-778287325-1988700057-2922616860-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{19A2DC23-8ADC-490A-91B2-F55F5A39A8F2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{341A9A57-9999-41C3-AE02-3E9193F3A0BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{39B840B5-E991-47BE-9DB1-0F6B3C93B962}C:\users\a\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\a\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0F402B97-2A5E-4F8B-89D8-07AD191078A0}C:\users\a\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\a\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{921E5673-53FA-44EA-B487-D8D30BFC68FB}] => (Allow) C:\Users\A\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6263BBB3-D214-4966-85D4-8035C2EC0CC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{390C1A7C-898F-4700-9F91-180E302647C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6DBD61C1-CA21-4648-87EE-90D81ADC5771}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0DED2296-F298-4BD4-B385-DC6697BEEDE0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF2D343F-E960-4501-995A-5141257DCD44}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBE14430-C48E-4736-BF58-9E1F4408A914}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD2DB445-C37D-45CE-A07F-61FB27282773}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC9E4337-4B0E-41D9-A300-1BC323D621C2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49CA261B-B77C-4280-A590-5A0628A6D637}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E39488D9-4D6F-4B1C-AFDE-190536827E65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D00A4B38-246C-40D2-B0E8-7195B314E1FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{700B7549-FC62-4DF9-AD01-EE7F7D7E149F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BDC282F-2D19-4076-B734-BE76C8030E50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF903F66-0138-4EF2-BB62-FF9468C67713}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0028C620-84D6-4656-B621-4D65701036CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{016BD453-E2EE-4876-A4B5-D3DF0BBC0B00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C11EC931-03BC-4C1F-A183-407DDAE2F668}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.166.580.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{49BEF8D6-8F0F-4283-A2C8-8132EB998EAC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.84\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BCE4E1B2-4328-444A-8C90-79A707317D8C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

13-08-2021 10:44:33 Windows Modules Installer
20-08-2021 18:17:54 Scheduled Checkpoint
29-08-2021 22:07:14 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Data Acquisition and Signal Processing Controller
Description: PCI Data Acquisition and Signal Processing Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (08/10/2021 07:41:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3328

Start Time: 01d78707be1aeb85

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: ed470285-3aac-4247-a7b2-11d501688a98

Faulting package full name: Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Hang type: Quiesce

Error: (07/22/2021 01:40:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 19.3.4.228, time stamp: 0x6094e1cf
Faulting module name: SynTPEnh.exe, version: 19.3.4.228, time stamp: 0x6094e1cf
Exception code: 0xc0000005
Fault offset: 0x000000000000323f
Faulting process ID: 0x1474
Faulting application start time: 0x01d77c0c7928d36c
Faulting application path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Faulting module path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Report ID: 45858eb1-9002-48b3-bb92-8dfea0523a9d
Faulting package full name:
Faulting package-relative application ID:

Error: (07/21/2021 11:38:02 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (07/21/2021 11:38:02 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/05/2021 10:57:50 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (07/05/2021 10:57:50 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/22/2021 11:24:54 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (06/22/2021 11:24:54 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (08/30/2021 10:05:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BiometricSensorDataSynchronization service terminated unexpectedly. It has done this 1 time(s).

Error: (08/30/2021 10:05:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (08/30/2021 10:05:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SynTPEnh Caller Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/30/2021 10:05:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/30/2021 10:05:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Synaptics FP WBF Policy Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/30/2021 10:05:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) HD Graphics Control Panel Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/30/2021 09:34:40 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 54) (User: NT AUTHORITY)
Description: Collaborative processor power controls on processor 3 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.

Error: (08/30/2021 09:34:40 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 54) (User: NT AUTHORITY)
Description: Collaborative processor power controls on processor 2 in group 0 are disabled due to a firmware problem. Check with the computer manufacturer for updated firmware.


Windows Defender:
================
Date: 2021-08-30 13:58:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-29 22:05:05
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-28 12:42:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-27 12:51:06
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-26 13:34:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-30 08:07:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.99.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-30 08:07:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.343.99.0
Previous security intelligence Version: 1.341.1630.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-30 08:07:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18300.4
Previous Engine Version: 1.1.18200.4
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

==================== Memory info ===========================

BIOS: LENOVO N14ET52W (1.30 ) 08/28/2019
Motherboard: LENOVO 20BTS1R400
Processor: Intel(R) Core(TM) i7-5600U CPU @ 2.60GHz
Percentage of memory in use: 35%
Total physical RAM: 8071.21 MB
Available physical RAM: 5226.7 MB
Total Virtual: 12679.21 MB
Available Virtual: 9804.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:167.07 GB) (Free:102.58 GB) NTFS

\\?\Volume{d2838311-cd2f-4edb-9ef1-d894883bec59}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{f8413ecd-8101-490b-ad4f-71d599fcd5b1}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 167.7 GB) (Disk ID: BD4CA2EF)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2021
Ran by A (administrator) on DESKTOP-V7NF5M6 (LENOVO 20BTS1R400) (30-08-2021 22:06:37)
Running from C:\Users\A\Downloads
Loaded Profiles: A
Platform: Windows 10 Pro Version 20H2 19042.1165 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\A\AppData\Local\Microsoft\Teams\Update.exe [2454240 2021-07-29] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\shj2mPC: C:\Windows\System32\spool\prtprocs\x64\shj2mpc.dll [65256 2019-04-01] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\shj2m Langmon: C:\WINDOWS\system32\shj2mlm.dll [44264 2019-04-01] (联想图像(天津)科技有限公司 -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-19] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E8E41B8-AFD2-4A41-9655-60680F77FC2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {16EBEA0F-3763-4235-AA0A-BB4FFBAF414D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CB71007-4FC5-4F3C-9347-223D53E3D711} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D3A609C-D049-4001-BEFD-3C0A870B0003} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A2BE6C2-E3F4-4B58-9C20-B07455D2654A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {468A783A-023F-4DCD-8B33-1C48DF177996} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {4951368F-9816-4E89-85E8-A42C05A506A6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {54C0F3D7-12EE-4B00-98E3-5C0EB979AA5A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617584 2020-04-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {59822796-2751-4BA0-A010-C35D5BCFC660} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78237382-07E8-4DCD-BEB1-539A0C57B1A0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139128 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A40AE571-562F-4511-A34B-FD891DB06FD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {AF22411C-FF79-4986-BDE5-1941D0EF5593} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B00317DE-B765-43D2-83E6-FE2DE83D28A0} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617584 2020-04-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E252C6D2-4452-467B-B39A-5BDBBD086F86} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225248 2017-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
Task: {E469A262-F8B5-41F9-83C4-1966CF59FECE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EC22B51E-5EC4-4CF2-BDFB-A704DA95EA31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB3CC066-9890-4325-8861-86B693C4CB3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053744 2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{a444201f-da03-4fc3-9f12-69083a7c2b85}: [DhcpNameServer] 192.168.10.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\A\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-30]
Edge Notifications: Default -> hxxps://captchaverifier.top

FireFox:
========
FF DefaultProfile: wuydc3is.default
FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\wuydc3is.default [2021-07-29]
FF ProfilePath: C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\qt2z2wn1.default-release [2021-07-29]
FF Extension: (Video DownloadHelper) - C:\Users\A\AppData\Roaming\Mozilla\Firefox\Profiles\qt2z2wn1.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-04-29]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\A\AppData\Local\Google\Chrome\User Data\Default [2021-08-30]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://captchadecode.com; hxxps://meet.google.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... google.com"
CHR Extension: (Chrome Web Store Payments) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-19] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90328 2020-09-30] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Tdsshbecr; C:\WINDOWS\System32\drivers\shbecr.sys [38496 2017-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-30 21:31 - 2021-08-30 21:31 - 008553680 _____ (Malwarebytes) C:\Users\A\Downloads\adwcleaner_8.3.0.exe
2021-08-30 14:12 - 2021-08-30 14:14 - 000024796 _____ C:\Users\A\Downloads\Addition.txt
2021-08-30 14:11 - 2021-08-30 22:07 - 000012718 _____ C:\Users\A\Downloads\FRST.txt
2021-08-30 14:08 - 2021-08-30 14:09 - 002301440 _____ (Farbar) C:\Users\A\Downloads\FRST64.exe
2021-08-27 12:19 - 2021-08-27 12:19 - 000053720 _____ C:\Users\A\Downloads\Inskrivningsintyg.pdf
2021-08-16 07:21 - 2021-08-16 07:21 - 001522828 _____ C:\WINDOWS\Minidump\081621-7906-01.dmp
2021-08-15 10:47 - 2021-08-15 10:47 - 001502420 _____ C:\WINDOWS\Minidump\081521-8265-01.dmp
2021-08-13 10:56 - 2021-08-13 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-13 10:56 - 2021-08-13 10:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-13 10:56 - 2021-08-13 10:56 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-13 10:56 - 2021-08-13 10:56 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-13 10:56 - 2021-08-13 10:56 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-13 10:56 - 2021-08-13 10:56 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-13 10:56 - 2021-08-13 10:56 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-13 10:45 - 2021-08-13 10:45 - 000000000 ___HD C:\$WinREAgent
2021-08-10 06:47 - 2021-08-10 06:47 - 000000000 ____D C:\Users\A\AppData\Local\cache
2021-08-05 14:12 - 2021-08-05 14:12 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-05 14:12 - 2021-08-05 14:12 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-04 14:33 - 2021-08-04 14:33 - 000348378 _____ C:\Users\A\Downloads\Slutskattebesked.pdf
2021-08-01 20:20 - 2021-08-01 20:20 - 001228492 _____ C:\WINDOWS\Minidump\080121-14296-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-30 22:06 - 2021-07-29 08:10 - 000000000 ____D C:\FRST
2021-08-30 22:05 - 2021-02-08 15:13 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-30 22:04 - 2021-02-08 15:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-30 21:53 - 2021-02-08 15:13 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-30 21:53 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-30 21:40 - 2021-02-24 09:19 - 000687848 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-30 21:40 - 2021-02-24 09:19 - 000141456 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-30 21:40 - 2021-02-24 09:14 - 000684554 _____ C:\WINDOWS\system32\perfh01D.dat
2021-08-30 21:40 - 2021-02-24 09:14 - 000142014 _____ C:\WINDOWS\system32\perfc01D.dat
2021-08-30 21:40 - 2021-02-17 20:46 - 002412730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-30 21:40 - 2021-02-08 15:12 - 000000000 ____D C:\WINDOWS\INF
2021-08-30 21:36 - 2021-02-24 08:54 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-30 21:35 - 2021-02-26 12:08 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-30 21:35 - 2021-02-17 20:47 - 000000000 ___RD C:\Users\A\OneDrive
2021-08-30 21:34 - 2021-07-29 16:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-30 21:34 - 2021-02-24 06:57 - 000000000 ____D C:\ProgramData\Synaptics
2021-08-30 21:34 - 2021-02-08 15:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-30 21:34 - 2021-02-08 15:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-30 21:34 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-30 21:34 - 2021-02-08 15:08 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-30 21:31 - 2021-03-02 07:06 - 000000000 ____D C:\Users\A\Documents\flat_Alby
2021-08-30 21:30 - 2021-03-02 07:06 - 000000000 ____D C:\Users\A\Documents\finance
2021-08-28 19:13 - 2021-02-17 20:47 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-778287325-1988700057-2922616860-1001
2021-08-28 19:13 - 2021-02-17 20:43 - 000002367 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-27 21:39 - 2021-02-17 20:43 - 000000000 ____D C:\Users\A\AppData\Local\Packages
2021-08-27 18:50 - 2021-02-08 15:22 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-27 18:50 - 2021-02-08 15:22 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-27 08:40 - 2021-02-28 22:21 - 000000000 ____D C:\Users\A\AppData\LocalLow\Temp
2021-08-23 11:23 - 2021-03-02 07:05 - 000000000 ____D C:\Users\A\Documents\jobs
2021-08-19 08:29 - 2021-02-24 08:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-19 08:29 - 2021-02-24 08:55 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-18 13:05 - 2021-03-03 14:20 - 000000000 ____D C:\Users\A\Desktop\vyhodit
2021-08-18 10:45 - 2021-02-08 15:21 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 10:45 - 2021-02-08 15:21 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 07:21 - 2021-03-01 09:56 - 621338510 _____ C:\WINDOWS\MEMORY.DMP
2021-08-16 07:21 - 2021-03-01 09:56 - 000000000 ____D C:\WINDOWS\Minidump
2021-08-13 22:22 - 2021-02-08 15:20 - 000440784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 22:22 - 2021-02-08 15:13 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-13 22:22 - 2021-02-08 15:08 - 000000000 ____D C:\WINDOWS\servicing
2021-08-13 22:21 - 2021-02-17 20:43 - 000000000 ____D C:\Users\A
2021-08-13 22:05 - 2021-02-25 08:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-13 11:00 - 2021-02-08 15:09 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-13 10:44 - 2021-02-25 08:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-13 10:35 - 2021-02-25 08:16 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-11 10:31 - 2021-03-02 07:06 - 000000000 ____D C:\Users\A\Documents\car
2021-08-04 12:02 - 2021-02-08 15:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-02 09:40 - 2021-02-24 09:25 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-08-01 20:22 - 2021-02-08 15:13 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-01 20:20 - 2021-02-24 11:24 - 000000000 __SHD C:\Users\A\IntelGraphicsProfiles

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

nepomohlo to, co dal?

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {3A2BE6C2-E3F4-4B58-9C20-B07455D2654A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
Task: {A40AE571-562F-4511-A34B-FD891DB06FD3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-24] (Google LLC -> Google LLC)
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... google.com"
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://captchadecode.com; hxxps://meet.google.com
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
IE trusted site: HKU\S-1-5-21-778287325-1988700057-2922616860-1001\...\sharepoint.com -> hxxps://soscv-files.sharepoint.com

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

opet nemohlo, prikladam prtscr

Jetě jednou otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
C:\Users\A\AppData\Local\Microsoft\Edge\User Data\Default
Edge Notifications: Default -> hxxps://captchaverifier.top

EmptyTemp:
End

Uložte do C:\Users\A\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Dekuji opozdene, zafungovalo...squele...