Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

nabourání e-mailu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
wemika
Návštěvník
Návštěvník
Příspěvky: 2
Registrován: 28 bře 2021 13:38

nabourání e-mailu

#1 Příspěvek od wemika »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021
Ran by veron (administrator) on LAPTOP-S2PRM5CN (LENOVO 81YQ) (28-03-2021 14:30:14)
Running from C:\Users\veron\Desktop
Loaded Profiles: veron
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361383.inf_amd64_cfccffda602342c4\B361368\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361383.inf_amd64_cfccffda602342c4\B361368\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\veron\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_274b8a1dabbd8d3a\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\veron\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\drivers\SessionService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.166.1.16\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.166.1.16\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Overwolf Ltd -> Overwolf LTD) C:\Users\veron\AppData\Local\Overwolf\ProcessCache\0.166.1.16\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_711600cb280d10fd\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_711600cb280d10fd\RtkAudUService64.exe [1195312 2020-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-23] (Valve -> Valve Corporation)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1746776 2021-02-26] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [AvastBrowserAutoLaunch_33021BB372CE2E37D872A10418B3B481] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8688.91\Installer\chrmstp.exe [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DD857B9-EAB3-45E1-B54D-6C8F61A92BA5} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
Task: {18094DDD-C758-46CA-A587-76A008AA04D7} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758536 2018-03-26] (Lenovo -> )
Task: {1B459F34-0F23-4E09-A7DD-5A9F530AF8FA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f6b87b56-65f7-4087-9fe3-bb5f38bb73fd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {1DBDFA73-6375-42A9-8F3D-10FD585B1172} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {35B88544-0577-4CFC-ADC6-87A00C06FCA3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
Task: {380C7684-886A-40A5-9DAB-D5ECB5B69FE3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
Task: {487304C2-8744-4405-BF5B-F47A23F48781} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {51E53A1F-E3E7-45D8-B3B5-EFC0F320CD1F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d535c209-ad10-43db-a297-0bbecee6b22c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {55F00776-1AB2-412F-8D3A-AEB09C0BCCE8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\24feb4ec-f9d7-4d9f-97e6-5a8037160303 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {5DDF4FBD-CD7D-4E91-94CA-3C46ED11A62C} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
Task: {5E8BB1D6-4DD3-473E-8F2F-E56C43CFAC1A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {65919A8B-FE4F-43AA-A4BD-01D9C8DDB41F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a3e0ab09-17e8-4aa7-a205-c4607dc7c753 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {7D0E5855-10A5-4CD1-863C-E95565447DB8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1511320 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {841F4C79-CF5B-4745-B8B7-EE7A6577473F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {8E51D163-33C6-41F3-8E2A-891EAE80443C} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {97A0341F-F3D0-42DD-8BBF-41014ED94FCE} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
Task: {9942A79F-D531-4BD8-9526-3E403C94B27F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B46E089C-6311-4BDE-8F37-0FB12E32109F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C6287EE5-582E-474B-BA17-C6DDF434AD19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {C760C84C-3971-419A-B45A-64B65D2BB457} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {CA2DC4FA-359D-4332-94E5-A9302BBEB3C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC513A9F-7A19-4A73-9799-818CC8158629} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758536 2018-03-26] (Lenovo -> )
Task: {E3DDBC8A-0198-4CB1-9B13-DC9637878F53} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62368 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {ED7A08A9-F325-4854-90B0-1174E9010023} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2494078391-1676477522-3798027442-1001 => C:\Users\veron\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87848 2021-01-22] (Lenovo (Beijing) Limited -> Lenovo Group Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{fb0d92b8-23a8-4db5-98d0-9981c6bf3364}: [DhcpNameServer] 150.205.1.2

Edge:
=======
DownloadDir: C:\Users\veron\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> hxxps://www.kosik.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\veron\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-28]
Edge DownloadDir: C:\Users\veron\Downloads
Edge Notifications: Default -> hxxps://teams.microsoft.com; hxxps://www.kosik.cz
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"

FireFox:
========
FF DefaultProfile: 1uopm31j.default
FF ProfilePath: C:\Users\veron\AppData\Roaming\Mozilla\Firefox\Profiles\1uopm31j.default [2020-11-07]
FF ProfilePath: C:\Users\veron\AppData\Roaming\Mozilla\Firefox\Profiles\cwwvv04f.default-release [2021-03-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8688.91\elevation_service.exe [1504864 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [364928 2020-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_274b8a1dabbd8d3a\LenovoUtilityService.exe [529216 2020-05-20] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1808920 2020-04-25] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-03-26] (McAfee, LLC -> McAfee, LLC)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_711600cb280d10fd\RtkAudUService64.exe [1195312 2020-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SessionSvc; C:\WINDOWS\System32\drivers\SessionService.exe [28296 2020-03-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181072 2019-07-22] (GENESYS LOGIC, INC. -> Genesys Logic)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-28 14:30 - 2021-03-28 14:30 - 000019046 _____ C:\Users\veron\Desktop\FRST.txt
2021-03-28 14:29 - 2021-03-28 14:30 - 000000000 ____D C:\FRST
2021-03-28 14:28 - 2021-03-28 14:27 - 002298368 _____ (Farbar) C:\Users\veron\Desktop\FRST64.exe
2021-03-28 14:26 - 2021-03-28 14:27 - 002298368 _____ (Farbar) C:\Users\veron\Downloads\FRST64.exe
2021-03-28 14:20 - 2021-03-28 14:22 - 000000000 ____D C:\ProgramData\McInstTemp0235451616934056
2021-03-28 13:54 - 2021-03-28 13:54 - 006341552 _____ (ESET) C:\Users\veron\Downloads\eset_internet_security_live_installer.exe
2021-03-28 13:48 - 2021-03-28 13:51 - 000000000 ____D C:\Users\veron\AppData\Local\AVAST Software
2021-03-28 13:48 - 2021-03-28 13:48 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-03-28 13:48 - 2021-03-28 13:48 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2021-03-28 13:48 - 2021-03-28 13:48 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2021-03-28 13:48 - 2021-03-28 13:48 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2021-03-28 13:48 - 2021-03-28 13:48 - 000002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-28 13:48 - 2021-03-28 13:48 - 000002550 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-03-28 13:48 - 2021-03-28 13:48 - 000002550 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-03-28 13:48 - 2021-03-28 13:48 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-03-28 13:46 - 2021-03-28 13:46 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-03-28 13:46 - 2021-03-28 13:46 - 000002163 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-03-28 13:46 - 2021-03-28 13:46 - 000002163 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-03-28 13:46 - 2021-03-28 13:46 - 000000000 ____D C:\Users\veron\AppData\Roaming\Avast Software
2021-03-28 13:45 - 2021-03-28 13:45 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw14cf7280dcd59fb3.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw77de9cd320a78ff8.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw0d661d23c3f1ce54.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw24b5aad5dabe0d7a.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-28 13:45 - 2021-03-28 13:45 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd0a6871839db42dd.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1a0b6ce5ca30acd4.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw360411ee5b4ebdbb.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7d5041ea4a5f2008.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4b25178c5c16887d.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw85706f739acd1fb5.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5efec911de13ae30.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw83ebd00a61e38622.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw67f32f6d8e432296.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw122bba2f76ce0d9e.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7250edbe81441899.tmp
2021-03-28 13:44 - 2021-03-28 14:16 - 000000000 ____D C:\ProgramData\Avast Software
2021-03-28 13:44 - 2021-03-28 13:44 - 000000000 ____D C:\Program Files\Avast Software
2021-03-28 13:43 - 2021-03-28 13:43 - 000220392 _____ (AVAST Software) C:\Users\veron\Downloads\avast_free_antivirus_setup_online.exe
2021-03-23 20:05 - 2021-03-23 20:06 - 000195093 _____ C:\Users\veron\Downloads\pozvanka.pdf
2021-03-23 18:49 - 2021-03-28 14:28 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-23 18:46 - 2021-03-23 18:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-23 18:44 - 2021-03-28 14:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-23 18:44 - 2021-03-23 18:44 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-03-23 18:44 - 2021-03-23 18:44 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-03-23 18:44 - 2021-03-23 18:44 - 000004030 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2021-03-23 18:44 - 2021-03-23 18:44 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-23 18:44 - 2021-03-23 18:44 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-23 18:44 - 2021-03-23 18:44 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-03-23 18:44 - 2021-03-23 18:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2494078391-1676477522-3798027442-1001
2021-03-23 18:44 - 2021-03-23 18:44 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2494078391-1676477522-3798027442-500
2021-03-23 18:44 - 2021-03-23 18:44 - 000000020 ___SH C:\Users\veron\ntuser.ini
2021-03-23 18:44 - 2021-03-23 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-03-23 18:44 - 2021-03-23 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-2494078391-1676477522-3798027442-1001
2021-03-23 18:44 - 2021-03-23 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-23 18:44 - 2020-05-13 09:09 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2414761626-3881631753-1266577645-500
2021-03-23 18:44 - 2019-10-17 06:12 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3354727278-81800435-1074778100-500
2021-03-23 18:40 - 2021-03-28 13:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-23 18:40 - 2021-03-23 18:40 - 000436144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-23 18:39 - 2021-03-28 14:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-23 18:39 - 2021-03-23 18:44 - 000000000 ____D C:\Windows.old
2021-03-23 10:53 - 2021-03-23 18:39 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-23 10:51 - 2021-03-23 18:44 - 000000000 ____D C:\Users\veron
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Šablony
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Soubory cookie
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Poslední
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Okolní tiskárny
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Okolní síť
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Nabídka Start
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Dokumenty
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Documents\Obrázky
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Documents\Hudba
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Documents\Filmy
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Data aplikací
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\AppData\Local\Data aplikací
2021-03-23 10:51 - 2019-12-07 11:10 - 000001105 _____ C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-23 10:49 - 2021-03-23 10:53 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-23 10:46 - 2021-03-23 10:46 - 000000000 ____D C:\ProgramData\ssh
2021-03-23 10:41 - 2021-03-23 10:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-23 10:41 - 2021-03-23 10:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-23 10:41 - 2021-03-23 10:41 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-23 10:41 - 2021-03-23 10:41 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-23 10:41 - 2021-03-23 10:41 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-23 10:41 - 2021-03-23 10:41 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-23 10:41 - 2021-03-23 10:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-23 10:41 - 2021-03-23 10:41 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-23 10:41 - 2021-03-23 10:41 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-23 10:41 - 2021-03-23 10:41 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-23 10:40 - 2021-03-23 10:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-23 10:40 - 2021-03-23 10:40 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-23 10:40 - 2021-03-23 10:40 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-03-23 10:40 - 2021-03-23 10:40 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-03-23 10:40 - 2021-03-23 10:40 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-23 10:40 - 2021-03-23 10:40 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-23 10:39 - 2021-03-23 10:39 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-23 10:39 - 2021-03-23 10:39 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-23 10:39 - 2021-03-23 10:39 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-23 10:39 - 2021-03-23 10:39 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-03-23 10:39 - 2021-03-23 10:39 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-23 10:39 - 2021-03-23 10:39 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-23 10:39 - 2021-03-23 10:39 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-03-23 10:39 - 2021-03-23 10:39 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-23 10:39 - 2021-03-23 10:39 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-23 10:39 - 2021-03-23 10:39 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-23 10:38 - 2021-03-23 10:38 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-03-23 10:38 - 2021-03-23 10:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-23 10:38 - 2021-03-23 10:38 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-23 10:38 - 2021-03-23 10:38 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-23 10:38 - 2021-03-23 10:38 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-03-23 10:38 - 2021-03-23 10:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files\MSBuild
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-22 23:33 - 2021-03-22 23:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-21 16:37 - 2021-03-23 18:44 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-21 16:32 - 2021-03-21 16:32 - 000000000 ___HD C:\$WinREAgent
2021-03-21 11:58 - 2021-03-21 11:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-03-19 20:05 - 2021-03-19 20:05 - 000103952 _____ C:\Users\veron\Desktop\Pozvanka_0804_souhrnny seminar.pdf
2021-03-16 10:32 - 2021-03-16 12:19 - 000000000 ____D C:\Users\veron\Desktop\ŽADATEL
2021-03-14 15:34 - 2021-03-14 15:34 - 000016317 _____ C:\Users\veron\Downloads\000Seznam_+urcenych_+skol_16+rijen_2020_web.xlsx
2021-03-12 17:54 - 2021-03-12 18:48 - 945797578 _____ C:\Users\veron\Downloads\Cista duse (2001) CZ.mkv
2021-03-06 12:11 - 2020-11-26 12:09 - 001792752 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001792752 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001383152 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001383152 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001094192 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 001094192 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000953040 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000953040 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000745712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000630000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000099568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000084208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000055536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000052464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 064827632 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 053693680 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 004639472 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 004150000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 001783024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 001350384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 001350384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000769264 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000505584 _____ C:\WINDOWS\system32\GameManager64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000502000 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000477424 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000465136 _____ C:\WINDOWS\system32\atieah64.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000441584 _____ C:\WINDOWS\system32\EEURestart.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000388848 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000360688 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000348400 _____ C:\WINDOWS\system32\clinfo.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000254192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000221936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000191232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000175856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000167488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000149744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000144624 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000143600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000134384 _____ C:\WINDOWS\system32\atidxx64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000131312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000129264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000116464 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000115952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000079088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000028616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000028616 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 071039216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 001709560 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 001386072 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000950000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000777456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000562416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000562080 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000498416 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000475376 _____ C:\WINDOWS\system32\amdlogum.exe
2021-03-06 12:11 - 2020-11-26 12:07 - 000392432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000388848 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000207144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000176240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000146048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000140320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000140320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000130208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000118048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000118040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-03-06 12:11 - 2020-11-26 10:43 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-03-06 12:11 - 2020-11-26 10:43 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-03-06 12:11 - 2020-11-26 10:43 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-03-06 12:11 - 2020-11-26 10:43 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-03-06 12:11 - 2020-11-26 10:43 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-03-06 12:11 - 2020-11-26 10:43 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-03-06 12:11 - 2020-11-26 10:42 - 000544264 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-03-06 12:11 - 2020-11-26 10:42 - 000544264 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-03-06 12:11 - 2020-11-26 10:42 - 000069770 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-03-03 09:58 - 2021-02-23 19:24 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-03-03 09:58 - 2021-02-23 19:24 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-03-03 09:58 - 2021-02-23 19:23 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-28 14:28 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-28 14:28 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-28 14:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-28 14:23 - 2021-01-01 23:57 - 000002187 _____ C:\Users\veron\Desktop\CurseForge.lnk
2021-03-28 14:23 - 2021-01-01 23:55 - 000000000 ____D C:\Users\veron\AppData\Local\Overwolf
2021-03-28 14:23 - 2020-11-14 16:58 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-28 14:23 - 2020-07-14 07:53 - 000000000 ___RD C:\Users\veron\OneDrive
2021-03-28 14:22 - 2020-05-13 09:23 - 000000000 ____D C:\ProgramData\McAfee
2021-03-28 14:22 - 2020-05-13 09:23 - 000000000 ____D C:\Program Files\McAfee
2021-03-28 14:22 - 2020-05-13 09:20 - 000000000 ____D C:\ProgramData\Goodix
2021-03-28 14:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-28 14:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-28 14:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-28 14:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-28 14:21 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-28 14:21 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-28 14:18 - 2020-07-14 07:51 - 000000000 ____D C:\Users\veron\AppData\Local\D3DSCache
2021-03-28 14:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-28 14:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-28 13:50 - 2020-11-13 19:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-28 13:50 - 2020-11-07 01:02 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-28 13:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-28 13:48 - 2020-09-30 18:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-28 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-27 09:53 - 2020-07-26 08:22 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-27 09:53 - 2020-07-26 08:22 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-27 09:53 - 2020-07-26 08:22 - 000002285 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-23 19:01 - 2020-07-14 07:51 - 000000000 ____D C:\Users\veron\AppData\Local\Packages
2021-03-23 19:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-23 18:46 - 2020-07-14 07:53 - 000000000 ____D C:\Users\veron\AppData\Local\PlaceholderTileLogoFolder
2021-03-23 18:46 - 2019-10-17 06:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-23 18:45 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-23 18:44 - 2020-07-14 07:51 - 000000000 ___RD C:\Users\veron\3D Objects
2021-03-23 18:44 - 2020-07-14 07:32 - 000000000 ____D C:\ProgramData\Packages
2021-03-23 18:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-23 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-23 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-23 18:42 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-03-23 18:40 - 2020-05-13 09:20 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-03-23 18:40 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-23 18:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-23 18:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-23 18:39 - 2021-01-02 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2021-03-23 18:39 - 2021-01-02 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-03-23 18:39 - 2021-01-02 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-03-23 18:39 - 2021-01-01 23:57 - 000000000 ____D C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-03-23 18:39 - 2021-01-01 23:33 - 000000000 ____D C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-23 18:39 - 2020-11-14 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-23 18:39 - 2020-09-16 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-03-23 18:39 - 2020-08-23 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2021-03-23 18:39 - 2020-08-23 17:39 - 000000000 ____D C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-03-23 18:39 - 2020-07-13 22:46 - 000000000 ____D C:\Program Files\UNP
2021-03-23 18:39 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-23 18:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-23 18:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-23 18:39 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-23 18:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-23 18:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-23 10:54 - 2020-07-14 07:51 - 000000000 ____D C:\WINDOWS\Lenovo
2021-03-23 10:54 - 2020-05-13 09:20 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-03-23 10:46 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-23 10:46 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-23 10:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-23 10:45 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-03-23 10:45 - 2019-12-07 16:44 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-22 23:43 - 2019-12-07 16:43 - 000000000 ____D C:\WINDOWS\OCR
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-03-22 23:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-22 23:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-03-22 23:17 - 2020-05-13 09:14 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-20 13:23 - 2020-11-07 01:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-20 00:19 - 2020-11-07 01:02 - 000000000 ____D C:\Users\veron\AppData\LocalLow\Mozilla
2021-03-16 09:33 - 2019-10-17 06:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-10 11:15 - 2020-07-18 15:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 11:07 - 2020-07-18 15:50 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-09 10:22 - 2021-01-01 23:57 - 000000000 ____D C:\Program Files (x86)\Overwolf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2021
Ran by veron (28-03-2021 14:32:20)
Running from C:\Users\veron\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-03-23 16:44:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2494078391-1676477522-3798027442-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2494078391-1676477522-3798027442-503 - Limited - Disabled)
Guest (S-1-5-21-2494078391-1676477522-3798027442-501 - Limited - Disabled)
veron (S-1-5-21-2494078391-1676477522-3798027442-1001 - Administrator - Enabled) => C:\Users\veron
WDAGUtilityAccount (S-1-5-21-2494078391-1676477522-3798027442-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 89.0.8688.91 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CurseForge (HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.171.1.4 - Overwolf app)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Lenovo Service Bridge (HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.1.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0072 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13801.20360 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 cs) (HKLM\...\Mozilla Firefox 87.0 (x64 cs)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.166.1.16 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.582 - McAfee, LLC)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10027.0_x64__0a9344xs7nr4m [2021-03-23] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2021-03-23] (Advanced Micro Devices Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.3.30.0_x86__kgqvnymyfvs32 [2021-03-20] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.55.4.0_x86__kgqvnymyfvs32 [2021-03-25] (king.com)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2020-07-28] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_7.20.756.0_x64__17mer8kcn3j54 [2021-03-20] (Mirametrix Inc.) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-28] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-21] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2020-11-03] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-02-11 23:07 - 2020-05-30 16:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2020-12-21 12:22 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-07-14 07:56 - 2020-04-09 09:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> DefaultScope {2FA14408-0D39-4AB4-90B9-199E264C6B02} URL =
SearchScopes: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> {2FA14408-0D39-4AB4-90B9-199E264C6B02} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\sharepoint.com -> hxxps://cckp9-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\veron\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3A08AA55-6B7F-4392-B665-5AA7DC5F417D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BE690773-09FA-4855-9CF1-AE83866C8823}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{10196B3E-3EB1-46BA-AD18-788F6153D585}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77AFA6CB-BE2C-4F30-8C9E-D5A43631CA24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3122E988-7FE0-4C23-90C8-0D98BE63CF0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2CE57746-C514-4F5C-AD7C-9E82A49949F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{598A739A-6306-4FB6-90F3-C70A37A7C1E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{363FE68E-03C3-43E0-9F5B-3B13510DBB31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{480A7EE9-EEE3-4026-9EE0-8B5A029B2997}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1CAE23CC-6B95-45F4-BFE4-E8A2C5BB4975}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{853CDB8F-75CC-44D8-B413-399A5E448692}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8AA2D563-E401-49A9-A359-A059E15BEB26}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1AABA110-FA0A-40FC-9D87-A8BAE7684D17}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{9F28AA03-745A-486F-BC21-D27F447D4817}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D4169708-1A4F-4B8E-AEE0-1A3B66A3D079}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{AA37AF0D-6910-4D4A-B83B-EC720FD00A34}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5ECBA0A9-5CE0-4DDD-8377-BF5222693FA4}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0D236A75-A7A0-43A5-86C4-AA68E5A138DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{669F0672-18BF-4BC0-890A-0514A8460CCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4B96B1A-225A-4E89-9D1E-931D395D1DEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50B5E7DA-2BBD-4D67-83C0-6B0B82587D54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8FFD6E71-BD13-4F0F-8104-A1C803DC9E0F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3706A036-0960-4176-977B-A3DF19DA03D4}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{8A79ACF6-F650-4BF3-9C9D-5713BE069101}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{4AD71AEA-9311-408E-A592-C0EADD14B687}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2EC8A6FA-6AD5-4745-B0E6-6DA004ABF4E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{195EABD9-C31D-48DE-8B91-A3EADD142E25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DDDA649F-4868-4A06-957D-844DE1694E3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B5972F38-9BED-4317-AE8E-4339C2ED9E94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{87E557BE-5E37-4DA4-A437-209DDE6BDD3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{DC47A353-A5BD-4D71-8E1A-56DCF89830A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3C476EC2-9166-447B-B852-E5E2DEB7FC88}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3DF81E51-487E-4B90-AF69-21CB4581D692}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DC996CE3-B3E6-450B-BA66-B88CF902873C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1B3EBC7F-0D7A-4F6F-A770-8BEB710CEB1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6124D33E-29C0-440C-87E6-34104BBE6E36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E82FE443-CC40-42D2-B57B-DDBB0CC28A47}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{FCB90729-AB4D-4F22-97E0-3FC1CF2B4C78}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{E3D2A686-53B2-4068-9204-975820A903AA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD2F02AB-8179-41AB-8900-FD7E27EEF5ED}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

28-03-2021 13:48:36 Instalační služba modulů systému Windows
28-03-2021 13:49:05 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/28/2021 02:23:11 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/28/2021 02:19:37 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.

Error: (03/28/2021 02:19:37 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (03/28/2021 02:18:41 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 10:29:58 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 10:29:57 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 07:01:19 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 04:25:08 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007


System errors:
=============
Error: (03/28/2021 02:23:59 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:22:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:22:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:21:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:18:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 01:57:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/28/2021 01:57:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (03/28/2021 01:47:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2021-03-28 14:23:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.166.1.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-28 14:23:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.166.1.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-28 14:19:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO E7CN36WW 11/23/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 4500U with Radeon Graphics
Percentage of memory in use: 63%
Total physical RAM: 7542.8 MB
Available physical RAM: 2782.89 MB
Total Virtual: 12150.8 MB
Available Virtual: 7032.29 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:252.14 GB) NTFS

\\?\Volume{7c5ba8c6-df9e-4dbd-b127-dd435bdee148}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.54 GB) NTFS
\\?\Volume{6db244b7-1efc-4072-8872-9146cff87cc1}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8F87DCD3)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: nabourání e-mailu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

wemika
Návštěvník
Návštěvník
Příspěvky: 2
Registrován: 28 bře 2021 13:38

Re: nabourání e-mailu

#3 Příspěvek od wemika »

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-03-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-28-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2946 octets] - [28/03/2021 21:03:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: nabourání e-mailu

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět