VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

mail spam

https://forum.viry.cz:443/viewtopic.php?t=158275

Stránka 1 z 1

mail spam

Napsal: 23 zář 2021 14:56
od mill
Dobrý deň,
prosím o kontrolu logu. Dnes mi prestalo posielať mail z Outlook, hneď napíše, že nedoručiteľné a niečo so spamom.
Vopred za pomoc ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by User (administrator) on DESKTOP-P95Q40E (ASUSTeK COMPUTER INC. N551JK) (23-09-2021 15:49:11)
Running from C:\Users\User\Desktop
Loaded Profiles: defaultuser0 & User
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <6>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Seznam.cz, a.s. -> ) C:\Users\User\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [124184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [Chromium] => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [AvastBrowserAutoLaunch_DD3B34B51295CA4CE249213732CEC2F8] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\Installer\chrmstp.exe [2021-09-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {042D4500-C367-4365-B375-D9A4CE08CAF3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {1E50FF66-B8E0-4F34-8A93-4E712E831191} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {39A51E71-D1AA-483B-8B32-9DD965D00AE7} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {4DABDBFF-A829-4259-A025-E15F46DD4FD2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF54682-F8D4-4F80-BD9A-087B98D87444} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {644B461C-F4DA-46C5-BCD8-BCE1C94A95FF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {6975DB66-C9AF-45D0-B20B-A9453B5B231E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {72B24599-B182-4161-B4EF-150A86DDEB3C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4917528 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
Task: {8C78F666-4D55-4F41-AEF8-0A3A251F4124} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9497FDE3-5F79-4F75-9D7D-6600DCF86C3E} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {BFCB5489-4ED1-4B2F-B74A-6B48FDA4961B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {CEA910B9-2AA9-430B-A8CD-8AB115304207} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D6A64115-CC87-4E74-AD85-DA2A0359CC20} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {E8EE3DE0-BB54-42D7-8F2C-612E17D72DF4} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{815a018e-e26b-4ae1-8407-2f65725776f7}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{a9c99418-d348-4f0e-8f77-a9f80205966d}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-23]
Edge DownloadDir: Default -> C:\Users\User\Downloads
Edge StartupUrls: Default -> "hxxps://google.sk/"

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-09-10] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-09-23]
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-19]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-19]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-19]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-08-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-10-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8303184 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\elevation_service.exe [1436280 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-09-10] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35712 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221584 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367632 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-07-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184120 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538464 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107840 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [553496 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-07] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [31040 2014-04-29] (IPTS Alisa, OOO -> EldoS Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 15:49 - 2021-09-23 15:49 - 000021807 _____ C:\Users\User\Desktop\FRST.txt
2021-09-23 15:48 - 2021-09-23 15:48 - 000000000 ____D C:\FRST
2021-09-23 15:46 - 2021-09-23 15:46 - 002304512 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-09-22 14:11 - 2021-09-22 14:11 - 000073136 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-23.pdf
2021-09-22 14:11 - 2021-09-22 14:11 - 000049231 _____ C:\Users\User\Downloads\labels-2021-09-23.pdf
2021-09-22 10:37 - 2021-09-22 10:37 - 000071874 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-22.pdf
2021-09-22 10:36 - 2021-09-22 10:36 - 000048997 _____ C:\Users\User\Downloads\labels-2021-09-22.pdf
2021-09-21 18:10 - 2021-09-21 18:10 - 000104538 _____ C:\Users\User\Desktop\2586406023^21SK524201280285R8^^^EZ922^^_ENT_BTS_GTW_ECO_20210818_203230.pdf
2021-09-21 15:06 - 2021-09-21 15:06 - 000010995 _____ C:\Users\User\Downloads\POD_0160658-2021-09-21-1632229618143.tiff
2021-09-21 14:59 - 2021-09-21 14:59 - 000469163 _____ C:\Users\User\Desktop\RKWU 12-256_techdata.pdf
2021-09-20 12:29 - 2021-09-20 12:29 - 000244303 _____ C:\Users\User\Desktop\ds_tw9525_en_co.pdf
2021-09-19 11:26 - 2021-09-19 11:26 - 000072114 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-20.pdf
2021-09-19 11:26 - 2021-09-19 11:26 - 000049280 _____ C:\Users\User\Downloads\labels-2021-09-20.pdf
2021-09-18 17:40 - 2021-09-18 17:40 - 000094726 _____ C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons.html
2021-09-18 17:40 - 2021-09-18 17:40 - 000000000 ____D C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons_files
2021-09-17 08:44 - 2021-09-17 08:44 - 000171087 _____ C:\Users\User\Desktop\A700000007405589.pdf
2021-09-17 08:44 - 2021-09-17 08:44 - 000108541 _____ C:\Users\User\Downloads\Phaseo Easy_ABL2REM24020H.pdf
2021-09-16 18:17 - 2021-09-16 18:17 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 18:17 - 2021-09-16 18:17 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 18:17 - 2021-09-16 18:17 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-16 18:17 - 2021-09-16 18:17 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 18:17 - 2021-09-16 18:17 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-16 18:16 - 2021-09-16 18:16 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-16 18:16 - 2021-09-16 18:16 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-16 18:11 - 2021-09-16 18:11 - 000000000 ___HD C:\$WinREAgent
2021-09-16 16:56 - 2021-09-16 16:56 - 000071428 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-17.pdf
2021-09-16 16:56 - 2021-09-16 16:56 - 000049014 _____ C:\Users\User\Downloads\labels-2021-09-17.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000021695 _____ C:\Users\User\Downloads\1617291373_INV_BHX_SOT_2YU_20210914_091928.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000010788 _____ C:\Users\User\Downloads\1617291373_AWB_BHX_SOT_77B_20210914_091947.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000080621 _____ C:\Users\User\Downloads\labels-2021-09-16.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000073308 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-16.pdf
2021-09-13 13:01 - 2021-09-13 13:01 - 000155329 _____ C:\Users\User\Desktop\OrdAck13569419.pdf
2021-09-13 09:12 - 2021-09-13 09:12 - 000187234 _____ C:\Users\User\Downloads\VAS_SK_2021 (1).pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000022675 _____ C:\Users\User\Downloads\9189063726_INV_BHX_SOT_NW1_20210910_121538.pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000010832 _____ C:\Users\User\Downloads\9189063726_AWB_BHX_SOT_OH8_20210910_121507.pdf
2021-09-12 09:23 - 2021-09-12 09:23 - 007244336 _____ C:\Users\User\Downloads\1. Podávanie liekov.pptx
2021-09-10 14:47 - 2021-09-10 14:47 - 000011838 _____ C:\Users\User\Downloads\POD_0160658-2021-09-03-1631278022996.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000010183 _____ C:\Users\User\Downloads\POD_0160653-2021-09-07-1631277997090.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000009395 _____ C:\Users\User\Downloads\POD_0160653-2021-09-03-1631278010530.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000013221 _____ C:\Users\User\Downloads\POD_0160658-2021-09-10-1631277859051.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000009720 _____ C:\Users\User\Downloads\POD_0160654-2021-09-10-1631277842086.tiff
2021-09-10 14:43 - 2021-09-10 14:43 - 000008974 _____ C:\Users\User\Downloads\POD_0160651-2021-09-10-1631277790101.tiff
2021-09-10 10:02 - 2021-09-10 10:02 - 002024691 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p1-2021-09-10-08-02.pdf
2021-09-10 10:00 - 2021-09-10 10:00 - 002022102 _____ C:\Users\User\Downloads\azazm-200-b30-rtag1p1-2021-09-10-08-00.pdf
2021-09-10 09:59 - 2021-09-10 09:59 - 000580874 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p20-2021-09-10-07-59.pdf
2021-09-10 09:30 - 2021-09-10 09:30 - 001371460 _____ C:\Users\User\Downloads\azm-200sk-t-1p2pwa-2021-09-10-07-30.pdf
2021-09-10 09:22 - 2021-09-10 09:22 - 000168100 _____ C:\Users\User\Desktop\Qte13559915.pdf
2021-09-09 17:49 - 2021-09-09 17:49 - 000122373 _____ C:\Users\User\Desktop\Detail platby v PDF.pdf
2021-09-09 16:47 - 2021-09-09 16:47 - 000510970 _____ C:\Users\User\Desktop\Credit Application UK.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000111836 _____ C:\Users\User\Downloads\labels-2021-09-09.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000073067 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-09.pdf
2021-09-09 13:23 - 2021-09-09 13:23 - 000277882 _____ C:\Users\User\Desktop\edb_6814020_ces_cz.pdf
2021-09-09 13:23 - 2021-09-09 13:23 - 000277856 _____ C:\Users\User\Desktop\edb_6814034_ces_cz.pdf
2021-09-09 10:10 - 2021-09-09 10:10 - 000326602 _____ C:\Users\User\Desktop\Ponuka1211002343.pdf
2021-09-09 10:07 - 2021-09-09 10:07 - 000033570 _____ C:\Users\User\Desktop\Dobropis_Strojal.pdf
2021-09-08 20:13 - 2021-09-08 20:13 - 000161092 _____ C:\Users\User\Desktop\OrdAck13555639.pdf
2021-09-07 15:05 - 2021-09-07 15:05 - 001237992 _____ C:\Users\User\Desktop\RE18325-90.pdf
2021-09-07 15:05 - 2021-09-07 15:05 - 000432073 _____ C:\Users\User\Desktop\D36_OD15X17YZ_RE18323-34.pdf
2021-09-07 12:45 - 2021-09-07 12:45 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-07 12:45 - 2021-09-07 12:45 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-06 15:38 - 2021-09-06 15:38 - 000072099 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-06.pdf
2021-09-06 15:38 - 2021-09-06 15:38 - 000049283 _____ C:\Users\User\Downloads\labels-2021-09-06.pdf
2021-09-06 14:31 - 2021-09-06 14:31 - 000309224 _____ C:\Users\User\Desktop\211604.pdf
2021-09-06 08:20 - 2021-09-06 08:20 - 000207776 _____ C:\Users\User\Downloads\Gavazzi_2019-2020.xlsx
2021-09-05 19:18 - 2021-09-05 19:18 - 000022283 _____ C:\Users\User\Downloads\document (19).pdf
2021-09-03 09:21 - 2021-09-03 09:21 - 002538281 _____ C:\Users\User\Downloads\Data_Sheet_CP70QXVT80_EN.PDF
2021-09-03 09:08 - 2021-09-03 09:08 - 000453701 _____ C:\Users\User\Downloads\Data_Sheet_ZAS89R602_EN.PDF
2021-09-02 14:16 - 2021-09-02 14:16 - 000171970 _____ C:\Users\User\Downloads\Usmernenie-pre-rodičov-platba-ŠJ-(1).pdf
2021-09-02 13:08 - 2021-09-02 13:08 - 000072015 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-02.pdf
2021-09-02 13:06 - 2021-09-02 13:06 - 000080576 _____ C:\Users\User\Downloads\labels-2021-09-02.pdf
2021-09-02 11:41 - 2021-09-02 11:41 - 000551043 _____ C:\Users\User\Desktop\Lek_potvrdenie.pdf
2021-09-01 17:47 - 2021-09-01 17:47 - 001024942 _____ C:\Users\User\Desktop\bezpríznakovosť.pdf
2021-09-01 17:45 - 2021-09-01 17:45 - 000406141 _____ C:\Users\User\Desktop\bezinfekčnosť.pdf
2021-08-31 19:43 - 2021-08-31 19:43 - 000022211 _____ C:\Users\User\Downloads\document (18).pdf
2021-08-31 19:41 - 2021-08-31 19:41 - 000022271 _____ C:\Users\User\Downloads\document (17).pdf
2021-08-27 13:57 - 2021-08-27 13:57 - 001074246 _____ C:\Users\User\Desktop\lkl.bmp
2021-08-26 13:31 - 2021-08-26 13:32 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560.pdf
2021-08-26 13:31 - 2021-08-26 13:31 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560 (1).pdf
2021-08-25 20:06 - 2021-08-25 20:06 - 000072292 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-26.pdf
2021-08-25 20:05 - 2021-08-25 20:05 - 000046483 _____ C:\Users\User\Downloads\labels-2021-08-26.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000080530 _____ C:\Users\User\Downloads\labels-2021-08-24.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000072956 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-24.pdf
2021-08-24 10:44 - 2021-08-24 10:45 - 001606334 _____ C:\Users\User\Downloads\Vyhlásenie.pdf
2021-08-24 10:40 - 2021-08-24 10:40 - 001606334 _____ C:\Users\User\Desktop\Vyhlásenie.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 15:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-23 15:43 - 2018-12-17 13:35 - 000000000 ____D C:\Users\User\Documents\Súbory programu Outlook
2021-09-23 15:39 - 2018-12-19 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-23 15:38 - 2019-12-28 10:58 - 000000000 ____D C:\Users\User\AppData\Roaming\Seznam.cz
2021-09-23 15:37 - 2020-08-10 23:41 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-23 15:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-23 15:33 - 2020-08-10 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-23 15:33 - 2020-08-10 23:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-23 15:33 - 2020-08-10 23:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-23 15:33 - 2018-12-17 12:55 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-09-23 15:33 - 2018-12-14 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-23 15:33 - 2018-12-14 13:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-09-23 15:33 - 2018-12-14 13:49 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2021-09-23 15:10 - 2020-02-14 12:12 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-23 15:10 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-22 13:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-22 13:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-21 12:36 - 2018-12-14 14:39 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2021-09-21 08:29 - 2020-08-10 23:42 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-720725377-2809074183-169206472-1001
2021-09-21 08:29 - 2020-08-10 23:36 - 000002364 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-20 17:51 - 2020-03-24 17:55 - 000000000 ____D C:\Users\User\Desktop\Bazos
2021-09-20 14:17 - 2021-05-03 10:11 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-09-20 14:17 - 2021-05-03 10:11 - 000002475 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-09-20 10:26 - 2020-02-04 17:52 - 000000000 ____D C:\Users\User\Desktop\Rozvoz
2021-09-19 16:02 - 2020-08-10 23:42 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-18 18:55 - 2020-08-10 23:42 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-18 18:55 - 2020-08-10 23:42 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000002712 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Photosmart 5510 series
2021-09-18 18:55 - 2020-08-10 23:42 - 000002346 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2021-09-18 18:55 - 2020-08-10 23:42 - 000002288 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2021-09-18 18:55 - 2020-08-10 23:42 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-09-18 18:55 - 2020-08-10 23:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-18 17:26 - 2020-06-05 17:39 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 17:26 - 2020-06-05 17:39 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-16 20:35 - 2020-08-10 23:35 - 000346800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-16 20:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-16 18:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 20:06 - 2018-12-17 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 20:05 - 2018-12-17 13:25 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 12:15 - 2019-10-16 09:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-11 11:49 - 2021-01-24 21:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-07 12:46 - 2020-02-14 12:15 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-07 12:45 - 2020-10-22 07:48 - 000184120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-07 12:45 - 2020-04-21 10:13 - 000538464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000553496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000367632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000250384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000221584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000107840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-07 12:45 - 2020-02-14 12:15 - 000035712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-07 12:45 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by User (23-09-2021 15:50:56)
Running from C:\Users\User\Desktop
Windows 10 Home Version 21H1 19043.1237 (X64) (2020-08-10 21:42:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-720725377-2809074183-169206472-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-720725377-2809074183-169206472-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-720725377-2809074183-169206472-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-720725377-2809074183-169206472-501 - Limited - Disabled)
User (S-1-5-21-720725377-2809074183-169206472-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-720725377-2809074183-169206472-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.7.2481 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 93.0.11965.83 - Autori prehliadača Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balík softvéru eID (HKLM-x32\...\{69aff1f0-e530-4ac2-ab4f-88cb85aef940}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
CDRoller (HKLM-x32\...\CDRoller_is1) (Version: 11.50 - Digital Atlantic Corp.)
CEWE fotosvet (HKLM-x32\...\CEWE fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
DiskInternals CD-DVD Recovery (HKLM-x32\...\DiskInternals CD-DVD Recovery) (Version: 4.5 - DiskInternals Research)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{CBB98874-7884-4CC1-A78C-CB53C62BC77B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Office 2013 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 15.0.5381.1000 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
STORMWARE POHODA SK Standard (HKLM-x32\...\{1D355597-5580-45FC-8420-31E44A009682}) (Version: 12000.158 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.627 - McAfee, LLC)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-10] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.8.33.0_x86__kgqvnymyfvs32 [2021-08-29] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.202.400.0_x86__kgqvnymyfvs32 [2021-09-16] (king.com)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Studios)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-12-17] (Plex)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-720725377-2809074183-169206472-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4-x32: [DiskInternals_cd_recovery] -> {6DD33479-D4D0-4666-93C8-F6DC46668518} => C:\Program Files (x86)\DiskInternals\CD and DVD Recovery\contmenu.dll [2005-01-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-720725377-2809074183-169206472-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {07CC2C80-EC94-4742-8933-59C58BAC5D7D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {09097C45-AE3A-4C75-8ED1-61B091490783} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {29050AAB-F362-41C5-B4A9-566A71068A8D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {4446F04B-5B74-4C83-A913-295EC60DF418} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {63869A10-1D38-4907-87F1-D0565B32A3C6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {C704FA26-A3AA-42F4-BC70-B5C74696422E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {D59B135F-CDA0-4D85-84A1-9434A4B852DA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA2E8D7F-3A8C-499F-87CB-7753D886B789} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA9A2917-1EA5-4F54-A174-E58EA960A1B0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_40139
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-720725377-2809074183-169206472-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-720725377-2809074183-169206472-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D2AEA163-061F-4730-900C-9CFBD03BC44A}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe => No File
FirewallRules: [TCP Query User{A507C8F4-12ED-4290-958E-85A5213AE488}C:\program files (x86)\wondershare\mobilego\mobilego.exe] => (Allow) C:\program files (x86)\wondershare\mobilego\mobilego.exe => No File
FirewallRules: [UDP Query User{FCED5183-176C-4180-A30E-C134B427F6E4}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe => No File
FirewallRules: [TCP Query User{CD13DE40-DE65-4ABB-9431-AAF3AC4C52C6}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe => No File
FirewallRules: [{033914AF-C17A-4B4C-B588-8740696A01CA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5A13DA7-7529-415E-A474-8BDAA6C6ED54}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A1E77817-3C1C-4859-89F0-9FBDACAA9C13}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6D153755-796C-4C98-AEC9-977AF9610A2D}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F73D0507-0D19-4182-BCE9-5C7524E3F205}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{2638669F-8FE8-4F19-953C-9CAB0C6A9E4F}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{F93E3208-3813-4248-BED5-7E7A8C6E842D}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{DE575959-ECF1-4FA3-A255-5DC82D5E953D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC77456E-6934-4129-932D-D8D05FB4507E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6709F241-CB7F-41A2-A14C-39FF6906861C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99861707-BE79-4134-A607-A29EFC0055E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5959957-49C2-4199-BF5F-94225F4EF71A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{808FDF2C-58EF-4005-B5AA-2205D47BE4D8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C3C2ED0A-D394-4045-80A5-6EF6D0E8E3D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{97FAD512-82BD-4ED8-9474-65913BF698D8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

16-09-2021 18:11:00 Inštalátor modulov systému Windows
16-09-2021 18:12:28 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/23/2021 03:37:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 03:37:38 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 03:33:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/22/2021 02:37:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data2 (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (09/22/2021 02:37:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Data1 (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (09/18/2021 05:25:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/16/2021 08:43:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/16/2021 08:42:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (09/23/2021 03:33:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 15:10:30 on ‎23. ‎9. ‎2021 was unexpected.

Error: (09/19/2021 07:05:25 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:40 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/19/2021 04:33:39 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (09/17/2021 12:41:55 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.


CodeIntegrity:
===============
Date: 2021-09-23 15:35:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-23 15:34:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. N551JK.203 10/06/2014
Motherboard: ASUSTeK COMPUTER INC. N551JK
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 16266.93 MB
Available physical RAM: 11120.45 MB
Total Virtual: 18698.93 MB
Available Virtual: 13607.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.43 GB) (Free:345.37 GB) NTFS
Drive d: (Data1) (Fixed) (Total:465.75 GB) (Free:443.18 GB) NTFS
Drive e: (Data2) (Fixed) (Total:465.76 GB) (Free:218.94 GB) NTFS

\\?\Volume{4e1157a8-8a06-4776-82eb-99e719e120c7}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{b2c9be00-b7a9-4eab-85b4-06dc756f4ba2}\ () (Fixed) (Total:0.77 GB) (Free:0.3 GB) NTFS
\\?\Volume{b7f18c1f-27d0-4ff3-94a5-d67868496981}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0AA68AE5)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: mail spam

Napsal: 23 zář 2021 15:49
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: mail spam

Napsal: 23 zář 2021 16:11
od mill
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-23-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\User\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam doplněk - Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2693 octets] - [23/09/2021 17:09:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: mail spam

Napsal: 23 zář 2021 16:50
od Rudy
OK. Dejte nové logy FRST+Addition.

Re: mail spam

Napsal: 23 zář 2021 16:59
od mill
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by User (administrator) on DESKTOP-P95Q40E (ASUSTeK COMPUTER INC. N551JK) (23-09-2021 17:55:01)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Windows 10 Home Version 21H1 19043.1237 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [Chromium] => "c:\users\user\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP a111 Status Monitor: C:\WINDOWS\system32\hpinkstsa111LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\system32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\Installer\chrmstp.exe [2021-09-20] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series.lnk [2021-09-23]
ShortcutAndArgument: Monitor Ink Alerts - HP Photosmart 5510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2293547L05V3;CONNECTION=USB;MONITOR=1;
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {042D4500-C367-4365-B375-D9A4CE08CAF3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {1983221E-9AA5-417F-813D-55473311DF86} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4929304 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
Task: {1E50FF66-B8E0-4F34-8A93-4E712E831191} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {39A51E71-D1AA-483B-8B32-9DD965D00AE7} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {4DABDBFF-A829-4259-A025-E15F46DD4FD2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF54682-F8D4-4F80-BD9A-087B98D87444} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {644B461C-F4DA-46C5-BCD8-BCE1C94A95FF} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2299360 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
Task: {6975DB66-C9AF-45D0-B20B-A9453B5B231E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {8C78F666-4D55-4F41-AEF8-0A3A251F4124} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9497FDE3-5F79-4F75-9D7D-6600DCF86C3E} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {BFCB5489-4ED1-4B2F-B74A-6B48FDA4961B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {CEA910B9-2AA9-430B-A8CD-8AB115304207} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D6A64115-CC87-4E74-AD85-DA2A0359CC20} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
Task: {E8EE3DE0-BB54-42D7-8F2C-612E17D72DF4} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{815a018e-e26b-4ae1-8407-2f65725776f7}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{a9c99418-d348-4f0e-8f77-a9f80205966d}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-23]
Edge DownloadDir: Default -> C:\Users\User\Downloads
Edge StartupUrls: Default -> "hxxps://google.sk/"

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-09-10] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-09-23]
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"

CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-19]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-19]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-19]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-08-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-23]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8323664 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-03] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\93.0.11965.83\elevation_service.exe [1436280 2021-09-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2021-09-10] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221600 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369176 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250408 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99368 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41368 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538480 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107864 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851712 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557152 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R1 RawDisk3; C:\WINDOWS\system32\drivers\rawdsk3.sys [31040 2014-04-29] (IPTS Alisa, OOO -> EldoS Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 17:31 - 2021-09-23 17:31 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-23 17:31 - 2021-09-23 17:31 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-23 17:09 - 2021-09-23 17:10 - 000000000 ____D C:\AdwCleaner
2021-09-23 17:07 - 2021-09-23 17:07 - 008553680 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner_8.3.0.exe
2021-09-23 15:50 - 2021-09-23 15:52 - 000024218 _____ C:\Users\User\Desktop\Addition.txt
2021-09-23 15:49 - 2021-09-23 17:55 - 000021200 _____ C:\Users\User\Desktop\FRST.txt
2021-09-23 15:48 - 2021-09-23 17:55 - 000000000 ____D C:\FRST
2021-09-23 15:46 - 2021-09-23 15:46 - 002304512 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2021-09-22 14:11 - 2021-09-22 14:11 - 000073136 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-23.pdf
2021-09-22 14:11 - 2021-09-22 14:11 - 000049231 _____ C:\Users\User\Downloads\labels-2021-09-23.pdf
2021-09-22 10:37 - 2021-09-22 10:37 - 000071874 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-22.pdf
2021-09-22 10:36 - 2021-09-22 10:36 - 000048997 _____ C:\Users\User\Downloads\labels-2021-09-22.pdf
2021-09-21 15:06 - 2021-09-21 15:06 - 000010995 _____ C:\Users\User\Downloads\POD_0160658-2021-09-21-1632229618143.tiff
2021-09-19 11:26 - 2021-09-19 11:26 - 000072114 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-20.pdf
2021-09-19 11:26 - 2021-09-19 11:26 - 000049280 _____ C:\Users\User\Downloads\labels-2021-09-20.pdf
2021-09-18 17:40 - 2021-09-18 17:40 - 000094726 _____ C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons.html
2021-09-18 17:40 - 2021-09-18 17:40 - 000000000 ____D C:\Users\User\Downloads\Jesus Saved My Life - Faithlife Sermons_files
2021-09-17 08:44 - 2021-09-17 08:44 - 000108541 _____ C:\Users\User\Downloads\Phaseo Easy_ABL2REM24020H.pdf
2021-09-16 18:17 - 2021-09-16 18:17 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 18:17 - 2021-09-16 18:17 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 18:17 - 2021-09-16 18:17 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 18:17 - 2021-09-16 18:17 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-16 18:17 - 2021-09-16 18:17 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-16 18:17 - 2021-09-16 18:17 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 18:17 - 2021-09-16 18:17 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-16 18:17 - 2021-09-16 18:17 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-16 18:16 - 2021-09-16 18:16 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 18:16 - 2021-09-16 18:16 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-16 18:16 - 2021-09-16 18:16 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-16 18:16 - 2021-09-16 18:16 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 18:16 - 2021-09-16 18:16 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-16 18:11 - 2021-09-16 18:11 - 000000000 ___HD C:\$WinREAgent
2021-09-16 16:56 - 2021-09-16 16:56 - 000071428 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-17.pdf
2021-09-16 16:56 - 2021-09-16 16:56 - 000049014 _____ C:\Users\User\Downloads\labels-2021-09-17.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000021695 _____ C:\Users\User\Downloads\1617291373_INV_BHX_SOT_2YU_20210914_091928.pdf
2021-09-15 20:08 - 2021-09-15 20:08 - 000010788 _____ C:\Users\User\Downloads\1617291373_AWB_BHX_SOT_77B_20210914_091947.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000080621 _____ C:\Users\User\Downloads\labels-2021-09-16.pdf
2021-09-15 12:45 - 2021-09-15 12:45 - 000073308 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-16.pdf
2021-09-13 09:12 - 2021-09-13 09:12 - 000187234 _____ C:\Users\User\Downloads\VAS_SK_2021 (1).pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000022675 _____ C:\Users\User\Downloads\9189063726_INV_BHX_SOT_NW1_20210910_121538.pdf
2021-09-13 07:14 - 2021-09-13 07:14 - 000010832 _____ C:\Users\User\Downloads\9189063726_AWB_BHX_SOT_OH8_20210910_121507.pdf
2021-09-12 09:23 - 2021-09-12 09:23 - 007244336 _____ C:\Users\User\Downloads\1. Podávanie liekov.pptx
2021-09-10 14:47 - 2021-09-10 14:47 - 000011838 _____ C:\Users\User\Downloads\POD_0160658-2021-09-03-1631278022996.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000010183 _____ C:\Users\User\Downloads\POD_0160653-2021-09-07-1631277997090.tiff
2021-09-10 14:46 - 2021-09-10 14:46 - 000009395 _____ C:\Users\User\Downloads\POD_0160653-2021-09-03-1631278010530.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000013221 _____ C:\Users\User\Downloads\POD_0160658-2021-09-10-1631277859051.tiff
2021-09-10 14:44 - 2021-09-10 14:44 - 000009720 _____ C:\Users\User\Downloads\POD_0160654-2021-09-10-1631277842086.tiff
2021-09-10 14:43 - 2021-09-10 14:43 - 000008974 _____ C:\Users\User\Downloads\POD_0160651-2021-09-10-1631277790101.tiff
2021-09-10 10:02 - 2021-09-10 10:02 - 002024691 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p1-2021-09-10-08-02.pdf
2021-09-10 10:00 - 2021-09-10 10:00 - 002022102 _____ C:\Users\User\Downloads\azazm-200-b30-rtag1p1-2021-09-10-08-00.pdf
2021-09-10 09:59 - 2021-09-10 09:59 - 000580874 _____ C:\Users\User\Downloads\azazm-200-b30-ltag1p20-2021-09-10-07-59.pdf
2021-09-10 09:30 - 2021-09-10 09:30 - 001371460 _____ C:\Users\User\Downloads\azm-200sk-t-1p2pwa-2021-09-10-07-30.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000111836 _____ C:\Users\User\Downloads\labels-2021-09-09.pdf
2021-09-09 13:44 - 2021-09-09 13:44 - 000073067 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-09.pdf
2021-09-06 15:38 - 2021-09-06 15:38 - 000072099 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-06.pdf
2021-09-06 15:38 - 2021-09-06 15:38 - 000049283 _____ C:\Users\User\Downloads\labels-2021-09-06.pdf
2021-09-06 08:20 - 2021-09-06 08:20 - 000207776 _____ C:\Users\User\Downloads\Gavazzi_2019-2020.xlsx
2021-09-05 19:18 - 2021-09-05 19:18 - 000022283 _____ C:\Users\User\Downloads\document (19).pdf
2021-09-03 09:21 - 2021-09-03 09:21 - 002538281 _____ C:\Users\User\Downloads\Data_Sheet_CP70QXVT80_EN.PDF
2021-09-03 09:08 - 2021-09-03 09:08 - 000453701 _____ C:\Users\User\Downloads\Data_Sheet_ZAS89R602_EN.PDF
2021-09-02 14:16 - 2021-09-02 14:16 - 000171970 _____ C:\Users\User\Downloads\Usmernenie-pre-rodičov-platba-ŠJ-(1).pdf
2021-09-02 13:08 - 2021-09-02 13:08 - 000072015 _____ C:\Users\User\Downloads\acceptance-protocol-2021-09-02.pdf
2021-09-02 13:06 - 2021-09-02 13:06 - 000080576 _____ C:\Users\User\Downloads\labels-2021-09-02.pdf
2021-08-31 19:43 - 2021-08-31 19:43 - 000022211 _____ C:\Users\User\Downloads\document (18).pdf
2021-08-31 19:41 - 2021-08-31 19:41 - 000022271 _____ C:\Users\User\Downloads\document (17).pdf
2021-08-26 13:31 - 2021-08-26 13:32 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560.pdf
2021-08-26 13:31 - 2021-08-26 13:31 - 000070981 _____ C:\Users\User\Downloads\faktura-210215560 (1).pdf
2021-08-25 20:06 - 2021-08-25 20:06 - 000072292 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-26.pdf
2021-08-25 20:05 - 2021-08-25 20:05 - 000046483 _____ C:\Users\User\Downloads\labels-2021-08-26.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000080530 _____ C:\Users\User\Downloads\labels-2021-08-24.pdf
2021-08-24 11:32 - 2021-08-24 11:32 - 000072956 _____ C:\Users\User\Downloads\acceptance-protocol-2021-08-24.pdf
2021-08-24 10:44 - 2021-08-24 10:45 - 001606334 _____ C:\Users\User\Downloads\Vyhlásenie.pdf
2021-08-24 10:40 - 2021-08-24 10:40 - 001606334 _____ C:\Users\User\Desktop\Vyhlásenie.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-23 17:50 - 2018-12-17 13:35 - 000000000 ____D C:\Users\User\Documents\Súbory programu Outlook
2021-09-23 17:40 - 2020-08-10 23:41 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-23 17:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-23 17:39 - 2018-12-19 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-23 17:33 - 2020-02-14 12:12 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-23 17:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-23 17:32 - 2020-08-10 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-23 17:32 - 2020-08-10 23:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-23 17:32 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-23 17:32 - 2018-12-14 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
2021-09-23 17:32 - 2018-12-14 13:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-09-23 17:32 - 2018-12-14 13:49 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2021-09-23 17:31 - 2021-05-28 08:59 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-09-23 17:31 - 2020-10-22 07:48 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-23 17:31 - 2020-08-10 23:42 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-23 17:31 - 2020-04-21 10:13 - 000538480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000851712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000557152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000369176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000250408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000221600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000107864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000099368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000041368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-23 17:31 - 2020-02-14 12:15 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-23 17:31 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-23 17:10 - 2018-12-14 13:51 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-09-23 17:05 - 2020-08-10 23:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-23 16:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-23 16:28 - 2021-08-17 09:42 - 000000000 ____D C:\WINDOWS\Minidump
2021-09-23 16:28 - 2020-08-09 17:49 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-23 16:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-23 16:28 - 2019-05-07 12:41 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2021-09-23 16:28 - 2018-12-17 18:57 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2021-09-23 16:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-23 15:33 - 2018-12-17 12:55 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-09-21 12:36 - 2018-12-14 14:39 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2021-09-21 08:29 - 2020-08-10 23:42 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-720725377-2809074183-169206472-1001
2021-09-21 08:29 - 2020-08-10 23:36 - 000002364 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-20 14:17 - 2021-05-03 10:11 - 000002510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-09-20 14:17 - 2021-05-03 10:11 - 000002475 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-09-20 10:26 - 2020-02-04 17:52 - 000000000 ____D C:\Users\User\Desktop\Rozvoz
2021-09-18 18:55 - 2020-08-10 23:42 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-18 18:55 - 2020-08-10 23:42 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-18 18:55 - 2020-08-10 23:42 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-18 18:55 - 2020-08-10 23:42 - 000002712 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Photosmart 5510 series
2021-09-18 18:55 - 2020-08-10 23:42 - 000002346 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2021-09-18 18:55 - 2020-08-10 23:42 - 000002288 _____ C:\WINDOWS\system32\Tasks\RtHDVBg
2021-09-18 18:55 - 2020-08-10 23:42 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2021-09-18 18:55 - 2020-08-10 23:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-18 17:26 - 2020-06-05 17:39 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 17:26 - 2020-06-05 17:39 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-16 20:35 - 2020-08-10 23:35 - 000346800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-16 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-16 20:34 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-16 18:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-15 20:06 - 2018-12-17 13:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 20:05 - 2018-12-17 13:25 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 12:15 - 2019-10-16 09:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 08:54 - 2018-12-19 12:45 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-11 11:49 - 2021-01-24 21:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by User (23-09-2021 17:56:08)
Running from C:\Users\User\Desktop
Windows 10 Home Version 21H1 19043.1237 (X64) (2020-08-10 21:42:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-720725377-2809074183-169206472-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-720725377-2809074183-169206472-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-720725377-2809074183-169206472-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-720725377-2809074183-169206472-501 - Limited - Disabled)
User (S-1-5-21-720725377-2809074183-169206472-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-720725377-2809074183-169206472-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.8.2487 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 93.0.11965.83 - Autori prehliadača Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balík softvéru eID (HKLM-x32\...\{69aff1f0-e530-4ac2-ab4f-88cb85aef940}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
CDRoller (HKLM-x32\...\CDRoller_is1) (Version: 11.50 - Digital Atlantic Corp.)
CEWE fotosvet (HKLM-x32\...\CEWE fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA)
DiskInternals CD-DVD Recovery (HKLM-x32\...\DiskInternals CD-DVD Recovery) (Version: 4.5 - DiskInternals Research)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{CBB98874-7884-4CC1-A78C-CB53C62BC77B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.52 - Microsoft Corporation)
Microsoft Office 2013 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 15.0.5381.1000 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\OneDriveSetup.exe) (Version: 21.170.0822.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5381.1000 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
STORMWARE POHODA SK Standard (HKLM-x32\...\{1D355597-5580-45FC-8420-31E44A009682}) (Version: 12000.158 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{EC4F72E8-52FE-454E-B70F-DBE5C0FA44C5}) (Version: 1.20.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.627 - McAfee, LLC)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\ZoomUMX) (Version: 5.2.1 (44052.0816) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-12-10] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.8.33.0_x86__kgqvnymyfvs32 [2021-08-29] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.202.400.0_x86__kgqvnymyfvs32 [2021-09-16] (king.com)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Studios)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-12-17] (Plex)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4-x32: [DiskInternals_cd_recovery] -> {6DD33479-D4D0-4666-93C8-F6DC46668518} => C:\Program Files (x86)\DiskInternals\CD and DVD Recovery\contmenu.dll [2005-01-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-720725377-2809074183-169206472-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {07CC2C80-EC94-4742-8933-59C58BAC5D7D} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {09097C45-AE3A-4C75-8ED1-61B091490783} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {29050AAB-F362-41C5-B4A9-566A71068A8D} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {4446F04B-5B74-4C83-A913-295EC60DF418} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {63869A10-1D38-4907-87F1-D0565B32A3C6} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {C704FA26-A3AA-42F4-BC70-B5C74696422E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {D59B135F-CDA0-4D85-84A1-9434A4B852DA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA2E8D7F-3A8C-499F-87CB-7753D886B789} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_40139
SearchScopes: HKU\S-1-5-21-720725377-2809074183-169206472-1001 -> {EA9A2917-1EA5-4F54-A174-E58EA960A1B0} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_40139
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-09-10] (McAfee, LLC -> McAfee, LLC)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2018-12-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-720725377-2809074183-169206472-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-720725377-2809074183-169206472-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{033914AF-C17A-4B4C-B588-8740696A01CA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E5A13DA7-7529-415E-A474-8BDAA6C6ED54}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A1E77817-3C1C-4859-89F0-9FBDACAA9C13}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{6D153755-796C-4C98-AEC9-977AF9610A2D}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F73D0507-0D19-4182-BCE9-5C7524E3F205}] => (Allow) C:\Users\User\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{DE575959-ECF1-4FA3-A255-5DC82D5E953D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC77456E-6934-4129-932D-D8D05FB4507E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6709F241-CB7F-41A2-A14C-39FF6906861C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99861707-BE79-4134-A607-A29EFC0055E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D5959957-49C2-4199-BF5F-94225F4EF71A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{808FDF2C-58EF-4005-B5AA-2205D47BE4D8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C3C2ED0A-D394-4045-80A5-6EF6D0E8E3D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{97FAD512-82BD-4ED8-9474-65913BF698D8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{14D09AC3-132B-47CE-8B8E-88DE1425F417}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{76C44622-5CC3-468A-A0F5-B6C687D7801A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

16-09-2021 18:11:00 Inštalátor modulov systému Windows
16-09-2021 18:12:28 Inštalátor modulov systému Windows
23-09-2021 17:10:25 AdwCleaner_BeforeCleaning_23/09/2021_17:10:24

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/23/2021 05:40:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:40:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:33:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2021 05:20:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:20:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 05:14:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Users\User\AppData\Local\chromium\Application\chrome.exe".
Dependent Assembly 63.0.3237.0,language="&#x2a;",type="win32",version="63.0.3237.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2021 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/23/2021 04:43:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Klikni a spusti balíka Microsoft Office sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/23/2021 05:10:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/23/2021 04:32:01 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-P95Q40E)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


CodeIntegrity:
===============
Date: 2021-09-23 17:54:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-23 17:39:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-09-23 17:34:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. N551JK.203 10/06/2014
Motherboard: ASUSTeK COMPUTER INC. N551JK
Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 25%
Total physical RAM: 16266.93 MB
Available physical RAM: 12199.14 MB
Total Virtual: 18698.93 MB
Available Virtual: 14750.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.43 GB) (Free:348.21 GB) NTFS
Drive d: (Data1) (Fixed) (Total:465.75 GB) (Free:443.04 GB) NTFS
Drive e: (Data2) (Fixed) (Total:465.76 GB) (Free:218.94 GB) NTFS

\\?\Volume{4e1157a8-8a06-4776-82eb-99e719e120c7}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{b2c9be00-b7a9-4eab-85b4-06dc756f4ba2}\ () (Fixed) (Total:0.77 GB) (Free:0.3 GB) NTFS
\\?\Volume{b7f18c1f-27d0-4ff3-94a5-d67868496981}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0AA68AE5)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Re: mail spam

Napsal: 23 zář 2021 18:06
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Uložte do C:\Users\User\Desktop jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: mail spam

Napsal: 23 zář 2021 18:30
od mill
Nič sa neobjavilo, ale je to asi toto:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by User (23-09-2021 19:27:50) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: defaultuser0 & User
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {7f8af7b5-41f0-11ea-8ebb-4851b7138719} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501eeb5-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-720725377-2809074183-169206472-1001\...\MountPoints2: {c501f0dd-559c-11eb-8edb-7824afcb1eb9} - "G:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {05D7FB9E-83B3-406D-8685-79CB895FE705} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Task: {48750B08-421E-46D6-A82B-5C2FD5AC10C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2018-12-19] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f8af7b5-41f0-11ea-8ebb-4851b7138719} => removed successfully
HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c501eeb5-559c-11eb-8edb-7824afcb1eb9} => removed successfully
HKU\S-1-5-21-720725377-2809074183-169206472-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c501f0dd-559c-11eb-8edb-7824afcb1eb9} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{05D7FB9E-83B3-406D-8685-79CB895FE705}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{05D7FB9E-83B3-406D-8685-79CB895FE705}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48750B08-421E-46D6-A82B-5C2FD5AC10C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48750B08-421E-46D6-A82B-5C2FD5AC10C6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11693132 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 802730 B
Edge => 4096 B
Chrome => 299008 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14448 B
NetworkService => 17406 B
defaultuser0 => 17406 B
User => 8004031 B

RecycleBin => 0 B
EmptyTemp: => 21.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:28:00 ====

Re: mail spam

Napsal: 23 zář 2021 18:47
od Rudy
Ano, je to ono. Bylo smazáno. Nastala nějaká změna?

Re: mail spam

Napsal: 23 zář 2021 19:20
od mill
Zmena v tom mojom probléme ani nie, ale zistil som medzičasom, že problém robí AVAST, keď ho vypnem tak ten mail funguje. Asi budú musieť spraviť nejakú aktualizáciu...

Re: mail spam

Napsal: 23 zář 2021 19:50
od Rudy
Ano, i Avast to můžr způsobovat. Je to ale problém jeho nastavení, i když musím uznat, že mít aktuální verzi je ve vašem zájmu.

Re: mail spam

Napsal: 23 zář 2021 20:02
od mill
No to mam najnovsie aktualizacie.A čo mam teraz teda este?

Re: mail spam

Napsal: 23 zář 2021 20:54
od Rudy
Zkuste se podívat na Avast fórum. Myslím, že jde o problém nastvení: https://forum.avast.com/index.php?topic=127789.0 . Toto je problém, který se vztahuje k danému produktu Avast.

Re: mail spam

Napsal: 24 zář 2021 07:15
od mill
Už sa s tým nejak popasujem. Ešte otázka, aký by ste odporučili zadarmo antivírus, teda okrem Avastu?
A ešte čo s tým FRST a ADW na ploche a inde?
Ďakujem.

Re: mail spam

Napsal: 24 zář 2021 09:26
od Rudy
Mohu doporučit Aviru: https://www.avira.com/en/free-antivirus-windows . Má jen tu nevíhodu, že nemá českou (slovenskou) verzi. Jinak je to spolehlivý AV. FRST (a vše, co vytvořil) normálně smažte a ADW spusťte, přejděte na nastavení, srolujte až dolů a klikněte na "Odstranit". Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz