HDD vyťažené stále na 100 %

Zpráva

tinozv · #1 Příspěvek od **tinozv** » 07 říj 2020 20:52

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2020
Ran by Martin Tuhársky (administrator) on MARTINTUHÁRSKY (TOSHIBA TECRA Z40-A) (07-10-2020 21:31:38)
Running from C:\Users\Martin Tuhársky\Desktop
Loaded Profiles: Martin Tuhársky
Platform: Windows 10 Home Version 2004 19041.388 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\RMService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel CASE -> ) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SpatialAudioLicenseSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe <2>
(Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe
(WinZip Computing LLC -> WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [408880 2015-07-03] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-05-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-09-23] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-03-19] (Corel Corporation -> Corel Corporation)
HKLM\...\Run: [WinZip PreLoader] => C:\Program Files\WinZip\WzPreloader.exe [130624 2019-03-19] (Corel Corporation -> WinZip Computing)
HKLM\...\Run: [WinZip FAH] => C:\Program Files\WinZip\FAHConsole.exe [436416 2019-03-19] (WinZip Computing LLC -> WinZip Computing, S.L.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-29] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{3AFF1C30-4959-4c2f-8BED-E6E81E39F57A}] -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtCp.dll [2012-02-01] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Web Signer.lnk [2020-02-26]
ShortcutTarget: Web Signer.lnk -> C:\Program Files (x86)\Disig\Disig Web Signer 1.0.7\Updater\WebSignerTray.exe (Disig a.s. -> Disig a.s.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0188DDB0-307D-48AC-81B2-7A2ED826B8E2} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-03-19] (Corel Corporation -> Corel Corporation)
Task: {0691F348-D73E-4F22-B464-EF0EF8ECDFF2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16B59C46-B926-4872-9284-B264C7CD9C33} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1B58700A-692F-43DC-BB60-CE2F144279C8} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1D3D52F5-21A1-443C-9DA5-F14E57FA0218} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2191373498-3108147424-3075955953-1000 => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-12-27] (Mega Limited -> Mega Limited)
Task: {238CEB94-C3D5-4FB3-BD53-FA85593DF4EB} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {23F09888-DF4A-4387-B8FA-557E74A6081B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2FCD818B-C2A4-497A-A242-BF4E6EC2CF71} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31AC0D1F-F451-4B18-9550-989ED6C4E8AC} - System32\Tasks\Security Platform Backup Schedule => C:\Program Files (x86)\Infineon\Security Platform Software\SpBackupWz.exe
Task: {38F576A2-5514-4F6A-A1D6-476B9764FC29} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-03-19] (Corel Corporation -> Corel Corporation)
Task: {3A8B993A-C19D-4113-AFEE-0FFA994BE8BE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {48655F78-3EA1-4E78-B464-8BAD6DEABDC3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4E22786D-229B-4365-B06C-98DE9F4CEB4D} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5134BA77-DE14-47F0-B8D8-B86164BAFFB2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {52B062E3-91F4-46FC-A16A-544697D101A2} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {59E2E560-CB50-4EBB-994D-E34C448547C3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6A6A9C9B-7FD3-45BD-AEC8-23B23CA29DF7} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {7A35C4E7-D7D6-4BC9-9FE2-57103A11A5FE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D85F31E-ABC9-4C48-940E-B13BA35577CB} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {89BB4B4C-32CA-4885-9E9E-54F04EC5C167} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {91A15C9E-7947-4F99-A057-14FD341C6C62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-19] (Google Inc -> Google Inc.)
Task: {9580C150-286B-4909-B2BF-2EB66EEF6574} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {972C2910-1EF2-491A-9C89-1FA906BBDCC6} - System32\Tasks\OInstall => C:\WINDOWS\OInstall.exe [11821176 2016-09-16] (WZT -> ) [File not signed]
Task: {990655E3-5FAA-40F1-8E8D-689CC25D7C0D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9A124240-5687-41F4-A940-6743E25C7542} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A19C5470-24E4-47FA-A5C6-8390C789E699} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {A3BD9796-1760-40B3-BF74-25088B33A0D1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A86C43AB-A8C4-457C-BE36-7CEB554DE89F} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2862032 2019-03-19] (Corel Corporation -> Corel Corporation)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3C7C4EC-A63A-415A-8FEA-E92BEFCB5980} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B79C838B-1CA3-4EB8-8C2F-DB34FCCC116A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {BA063DC6-DC5D-490F-BA98-C94A6B25DC33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-19] (Google Inc -> Google Inc.)
Task: {BFDE5E28-5968-4310-811B-F58C1D93777B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7C7BF1D-323D-4649-B808-D4E3C698AD45} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D10BDF9B-335C-4400-9745-53448735C2EF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DA54127C-C4CF-493E-8110-C70E4B0ED237} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2191373498-3108147424-3075955953-1000 => C:\Users\Martin Tuhársky\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {E02414BD-5F44-4542-BE4A-34B21FE7917A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {E3E0488C-282C-415A-B81D-C7EE1B3FE8DD} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E56B7D89-199F-4738-A658-1D8AAAA660D7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9C82464-56EE-4D01-9DD4-1CC281BA95F5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Security Platform Backup Schedule.job => C:\Program Files (x86)\Infineon\Security Platform Software\SpBackupWz.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{63A4561B-7130-4596-ACBE-B95DED1AD381}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{824CB6EA-555F-4F08-BD6D-F39DF2FE29C6}: [DhcpNameServer] 192.168.1.1

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Martin Tuhársky\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-07]
Edge Notifications: Default -> hxxps://www.instagram.com
Edge Session Restore: Default -> is enabled.
Edge Extension: (MEGA) - C:\Users\Martin Tuhársky\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-09-23]

FireFox:
========
FF DefaultProfile: 5g6rpns1.default
FF ProfilePath: C:\Users\Martin Tuhársky\AppData\Roaming\Mozilla\Firefox\Profiles\5g6rpns1.default [2020-02-13]
FF ProfilePath: C:\Users\Martin Tuhársky\AppData\Roaming\Mozilla\Firefox\Profiles\5zzy2e2t.default-release [2020-02-13]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-03-05] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-02-13]

Chrome:
=======
CHR Profile: C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default [2020-10-07]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentácie) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-19]
CHR Extension: (Just Black) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-03-16]
CHR Extension: (Dokumenty) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-19]
CHR Extension: (Disk Google) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-19]
CHR Extension: (MEGA) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-06-25]
CHR Extension: (YouTube) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-25]
CHR Extension: (Tabuľky) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-27]
CHR Extension: (Disig Web Signer 1.0.7) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\odbdbcaekkgabdfaabepfjgiooilmaoe [2020-02-26]
CHR Extension: (Gmail) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Martin Tuhársky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [odbdbcaekkgabdfaabepfjgiooilmaoe]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [96120 2015-07-03] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\DSDFunctionKeyCtlService.exe [615760 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-09-23] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2371760 2020-09-23] (ESET, spol. s r.o. -> ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-06-18] (Intel CASE -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\dynabookSystemService.exe [44976440 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\TOSTABSYSSVC.exe [254272 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\RMService.exe [446232 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-02-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-02-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [158512 2020-09-23] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106640 2020-09-23] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195976 2020-09-23] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53064 2020-09-23] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79552 2020-09-23] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116488 2020-09-23] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47408 2018-12-23] (TOSHIBA CLIENT SOLUTIONS CO., LTD. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_b172549968baa801\TosSrvCtlDrv.sys [25824 2020-06-15] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-05] (Microsoft Windows -> Microsoft Corporation)
S3 WinDivert1.1; C:\WINDOWS\files\bin\x64WDV\WinDivert.sys [35376 2013-12-03] (Nemea Mjukvaruutveckling AB -> Basil Projects)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-07 21:31 - 2020-10-07 21:37 - 000027256 _____ C:\Users\Martin Tuhársky\Desktop\FRST.txt
2020-10-07 21:30 - 2020-10-07 21:33 - 000000000 ____D C:\FRST
2020-10-07 21:30 - 2020-10-07 21:29 - 002299392 _____ (Farbar) C:\Users\Martin Tuhársky\Desktop\FRST64 (2).exe
2020-10-07 21:29 - 2020-10-07 21:29 - 002299392 _____ (Farbar) C:\Users\Martin Tuhársky\Downloads\FRST64 (2).exe
2020-10-07 21:28 - 2020-10-07 21:28 - 002299392 _____ (Farbar) C:\Users\Martin Tuhársky\Downloads\Nepotvrdené 354002.crdownload
2020-10-07 21:27 - 2020-10-07 21:28 - 002299392 _____ (Farbar) C:\Users\Martin Tuhársky\Downloads\Nepotvrdené 820201.crdownload
2020-10-07 18:34 - 2020-10-07 18:34 - 000007604 _____ C:\Users\Martin Tuhársky\AppData\Local\Resmon.ResmonCfg
2020-09-29 13:24 - 2020-08-25 05:42 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-09-29 13:24 - 2020-08-25 05:36 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-09-24 15:27 - 2020-09-24 15:27 - 000001064 _____ C:\Users\Public\Desktop\HiSuite.lnk
2020-09-24 15:27 - 2020-09-24 15:27 - 000001064 _____ C:\ProgramData\Desktop\HiSuite.lnk
2020-09-24 15:27 - 2020-09-24 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2020-09-24 15:26 - 2020-09-24 15:27 - 000000000 ____D C:\Program Files (x86)\HiSuite
2020-09-24 15:26 - 2020-08-17 03:57 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys
2020-09-24 15:26 - 2020-08-17 03:57 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys
2020-09-24 15:26 - 2020-08-17 03:57 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys
2020-09-24 15:26 - 2020-08-17 03:57 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-10-07 21:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-07 21:24 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-07 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-07 21:13 - 2019-02-19 19:12 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-10-07 21:13 - 2019-02-19 18:32 - 000000000 __SHD C:\Users\Martin Tuhársky\IntelGraphicsProfiles
2020-10-07 21:12 - 2020-08-08 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-07 21:12 - 2020-08-08 17:16 - 000008192 ___SH C:\DumpStack.log.tmp
2020-10-07 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-10-07 21:12 - 2019-02-19 20:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-10-07 21:11 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-10-07 20:58 - 2020-08-08 17:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-07 19:27 - 2020-08-08 17:19 - 000000000 ____D C:\Users\Martin Tuhársky
2020-10-07 19:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-07 19:10 - 2020-06-11 14:22 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-07 18:44 - 2020-08-08 17:28 - 000934922 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-07 18:44 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2020-10-07 18:34 - 2019-02-21 11:02 - 000000000 ____D C:\WINDOWS\files
2020-10-07 18:19 - 2019-12-27 23:16 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-10-07 18:19 - 2019-12-27 23:16 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-09-29 14:08 - 2019-02-19 19:43 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-29 13:12 - 2009-07-14 04:34 - 000000545 _____ C:\WINDOWS\win.ini
2020-09-24 15:27 - 2019-02-19 20:06 - 000000000 ____D C:\Users\Martin Tuhársky\AppData\Local\HiSuite
2020-09-23 18:22 - 2020-07-01 07:56 - 000002390 _____ C:\Users\Martin Tuhársky\Desktop\Microsoft Edge.lnk
2020-09-23 15:08 - 2020-08-08 17:47 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-23 15:08 - 2020-08-08 17:47 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-23 15:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-23 15:00 - 2019-11-29 09:30 - 000195976 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-09-23 15:00 - 2019-11-29 09:30 - 000158512 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-09-23 15:00 - 2019-11-29 09:30 - 000116488 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-09-23 15:00 - 2019-11-29 09:30 - 000106640 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-09-23 15:00 - 2019-11-29 09:30 - 000079552 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-09-23 15:00 - 2019-11-29 09:30 - 000053064 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-09-23 14:59 - 2019-10-16 14:04 - 000015288 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys

==================== Files in the root of some directories ========

2019-02-19 20:21 - 2019-02-19 20:21 - 000221566 _____ () C:\Users\Martin Tuhársky\AppData\Roaming\tni_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-03-19 11:53 - 2019-03-19 11:53 - 000000001 _____ () C:\Users\Martin Tuhársky\AppData\Local\llftool.4.40.agreement
2019-03-19 11:53 - 2019-03-19 11:53 - 000000019 _____ () C:\Users\Martin Tuhársky\AppData\Local\llftool.license
2020-10-07 18:34 - 2020-10-07 18:34 - 000007604 _____ () C:\Users\Martin Tuhársky\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-10-2020
Ran by Martin Tuhársky (07-10-2020 21:41:10)
Running from C:\Users\Martin Tuhársky\Desktop
Windows 10 Home Version 2004 19041.388 (X64) (2020-08-08 15:50:02)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2191373498-3108147424-3075955953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2191373498-3108147424-3075955953-503 - Limited - Disabled)
Guest (S-1-5-21-2191373498-3108147424-3075955953-501 - Limited - Disabled)
Martin Tuhársky (S-1-5-21-2191373498-3108147424-3075955953-1000 - Administrator - Enabled) => C:\Users\Martin Tuhársky
WDAGUtilityAccount (S-1-5-21-2191373498-3108147424-3075955953-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.100.303.105 - ALPS ELECTRIC CO., LTD.)
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
Balík softvéru eID (HKLM-x32\...\{ada2b0d4-ff66-4697-86d1-676a81f20d74}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)
Disig Web Signer 1.0.7 (HKLM-x32\...\{21859B7E-5E38-4892-A480-FA8B180ADE72}) (Version: 1.1.8 - Disig)
EAC MW klient (HKLM-x32\...\{92879DFD-B281-447B-AC54-ED065B0BBB17}) (Version: 3.3.0 - Ministerstvo vnútra Slovenskej republiky)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.2.18.0 - ESET, spol. s r.o.)
Free ISO Creator version 1.0 (HKLM-x32\...\{FBEF93EA-D52F-45B5-91D3-ABEACE4C7615}_is1) (Version: 1.0 - freeisocreator.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Hard Disk Low Level Format Tool 4.40 (HKLM-x32\...\Hard Disk Low Level Format Tool_is1) (Version: - HDDGURU)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{C0E98254-A0EF-475A-81F4-38C1DF5631A5}) (Version: 5.0.10.2850 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.70 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Multi-Tool 8 (HKLM-x32\...\{A46F89B2-C476-4100-BF2E-1A98C0F18AEF}) (Version: 0.8.9 - Team MT)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21232 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7520 - Realtek Semiconductor Corp.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Tixati (HKLM-x32\...\tixati) (Version: - )
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.6.02.6403 - Toshiba Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4486669) 64-Bit Edition (HKLM\...\{90160000-012B-041B-1000-0000000FF1CE}_Office16.PROPLUS_{5B5D9645-8189-4D87-9746-9C926AD6D404}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windscribe (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.83 Build 20 - Windscribe Limited)
WinZip 23.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2411F}) (Version: 23.0.13431 - Corel Corporation)

Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-29] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-02-20] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-27] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0 [2020-10-07] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2191373498-3108147424-3075955953-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-09-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-03-19] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-09-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Martin Tuhársky\AppData\Local\MEGAsync\ShellExtX64.dll [2019-12-27] (Mega Limited -> )
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-03-19] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-09-23] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2019-03-19] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2012-09-23 21:44 - 2012-09-23 21:44 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\sk_sk\acrotray.sky
2020-09-29 13:52 - 2020-09-29 13:52 - 000165376 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220\DAXRPCClient.dll
2020-09-29 13:52 - 2020-09-29 13:53 - 037106688 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-04-10 08:31 - 2020-04-10 08:31 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220\e_sqlite3.dll
2012-09-23 21:44 - 2012-09-23 21:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\sk_sk\Acrobat Elements\ContextMenuShim64.sky

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-03-16 15:51 - 2020-03-16 15:52 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\;C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\EAC MW klient\
HKU\S-1-5-21-2191373498-3108147424-3075955953-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin Tuhársky\Downloads\reflection-wallpapers-22-2560-x-1600.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D28B0B80-FFD7-476F-8DCD-564282AAD794}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12D1D404-4428-45DF-AA6B-CC28B7FC837E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{52F02DDE-9E0C-4072-B928-3EB23444D6DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F3AC54DA-1068-448B-B336-2E3B4AA30623}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{31877AFD-1020-4E8C-8370-46E909D15ED6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{D641B259-3A00-401B-87C3-567954475F68}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{578499F6-961F-4774-9E4E-EAF222B848DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FFD78292-96CB-40E9-B4DE-0451E7B559EB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{590B23C6-6620-4CB1-8C71-5C9B171228D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA7EAB6E-99B9-48C8-B264-EA052C41DC98}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{643B48F1-B3A1-4705-B09D-282C48D825A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FD3B7FA2-617A-4187-9E7E-CB5AFC28212D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{99A77C76-1B06-4E76-A14D-D99896A4399D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{68678745-9F99-40C8-A071-06AF1DB9BDD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16E22A22-52B7-49B7-B9F2-FB3E7B26C21A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{621920EF-998F-40BD-8643-AB2EF65F6B68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C7F940C1-74F7-4F43-A709-DCAFDE829265}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{105361C6-46BE-4274-8997-368A53D5E077}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F18BE70B-98A0-4317-B0D6-C5484A1441E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{155BBA85-BBA6-4B5D-B11E-A7CF56C3A0FC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{62E5AA01-A1E6-42B7-8A6C-1C254BFB0399}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{616081A0-A7F7-4DAC-BA6A-912893FD2895}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB482966-153F-4FB1-B771-A396BB532E33}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (10/07/2020 09:42:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20091.84.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 26b8

Start Time: 01d69ce199fabce7

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: 7de07e11-0df2-452f-8e00-80fdbb9371c5

Faulting package full name: Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/07/2020 09:33:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20091.84.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2594

Start Time: 01d69cdf62890b7f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: 7f879424-a11c-4637-ad04-532606f31cdf

Faulting package full name: Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/07/2020 09:23:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20091.84.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: b80

Start Time: 01d69cde04d5c0b6

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: 0aefdc97-0ab3-4930-afc7-d46a8bb52e38

Faulting package full name: Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/07/2020 07:11:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wuauclt.exe, verzia: 10.0.19041.329, časová značka: 0x5c5723e6
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.19041.207, časová značka: 0xcad89ab4
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000045e16
Identifikácia chybujúceho procesu: 0x19c4
Čas spustenia chybujúcej aplikácie: 0x01d69ccb48d76912
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wuauclt.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0a23457c-25bf-4617-bb37-f938c46f99a6
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (10/07/2020 06:48:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20091.84.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 12ac

Start Time: 01d69cc9acc242b9

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: 028eeacf-3d0e-453c-98c4-4a3a7be9bc09

Faulting package full name: Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/07/2020 06:48:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20091.84.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1f18

Start Time: 01d69cc93de1975c

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: 6212101c-f7ea-4584-86c4-086c8e2a7f63

Faulting package full name: Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/07/2020 06:44:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/07/2020 06:44:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

System errors:
=============
Error: (10/07/2020 09:25:58 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker sa pri spustení zablokovala.

Error: (10/07/2020 09:23:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správca stiahnutých máp sa pri spustení zablokovala.

Error: (10/07/2020 09:21:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service sa pri spustení zablokovala.

Error: (10/07/2020 09:18:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (10/07/2020 09:18:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (30000 ms).

Error: (10/07/2020 09:18:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Microsoft Edge Update (edgeupdate) zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (10/07/2020 09:18:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Microsoft Edge Update (edgeupdate) bol dosiahnutý časový limit (30000 ms).

Error: (10/07/2020 09:17:36 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Delivery Optimization sa pri spustení zablokovala.

CodeIntegrity:
===================================

Date: 2020-10-07 21:39:30.3880000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-07 21:29:03.4190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-07 21:27:50.5300000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-07 21:27:50.4460000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-07 21:27:49.7170000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-07 21:27:48.9490000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-07 21:27:48.7860000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-07 21:18:44.2280000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: TOSHIBA Version 4.30 04/26/2018
Motherboard: TOSHIBA TECRA Z40-A
Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 76%
Total physical RAM: 4021.33 MB
Available physical RAM: 953.84 MB
Total Virtual: 8117.33 MB
Available Virtual: 4864.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:171.91 GB) (Free:44.27 GB) NTFS
Drive d: () (Fixed) (Total:292.97 GB) (Free:99.03 GB) NTFS

\\?\Volume{bb37e844-3442-11e9-b884-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{d4c5d852-0000-0000-0000-b0002b000000}\ () (Fixed) (Total:0.78 GB) (Free:0.33 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D4C5D852)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=171.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=799 MB) - (Type=27)
Partition 4: (Not Active) - (Size=293 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#2 Příspěvek od **Diallix** » 08 říj 2020 05:51

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

tinozv · #3 Příspěvek od **tinozv** » 08 říj 2020 15:41

Nech sa páči prikladám žiadaný LOG.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.7.0
# -------------------------------
# Build: 07-22-2020
# Database: 2020-07-20.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-08-2020
# Duration: 00:00:08
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\csastats

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.TOSHIBAUtilities Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1505 octets] - [08/10/2020 16:31:17]
AdwCleaner[S01].txt - [1566 octets] - [08/10/2020 16:32:08]
AdwCleaner[S02].txt - [1627 octets] - [08/10/2020 16:34:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

#4 Příspěvek od **Diallix** » 08 říj 2020 18:38

poprosim o nove logy - FRST + ADDITION.

VIRY.CZ

HDD vyťažené stále na 100 %

HDD vyťažené stále na 100 %

Re: HDD vyťažené stále na 100 %

Re: HDD vyťažené stále na 100 %

Re: HDD vyťažené stále na 100 %