
Neither Win Def nor Avast helps

Bosakk00
Visitor
Posts: 3
Registered: 02 Nov 2021 11:30


#1 Post by Bosakk00 »

Greetings, local gurus,

Some nasty junk got into my computer and it can't be removed.

Could one of the local shamans take a look at it, please?

Thanks in advance for the help!

Logs here:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2021
Ran by lapen (administrator) on DESKTOP-KUVRBMO (Dell Inc. Inspiron 15 7000 Gaming) (02-11-2021 11:16:01)
Running from C:\Users\lapen\Downloads
Loaded Profiles: lapen
: Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c34fd594e40bf436\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_a9a8972288e9f3b5\RstMwService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm\Bluetooth Suite\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_43100dd3f0c99703\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) D:\Steam\steam.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320056 2019-08-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\Run: [Steam] => D:\Steam\steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\Run: [Discord] => C:\Users\lapen\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\Run: [Battle.net] => D:\Battle.net\Battle.net.exe [1087376 2021-10-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\Run: [Wargaming.net Game Center] => D:\Wargaming.net\GameCenter\wgc.exe [2144704 2021-10-19] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-26] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7C7CBAAE-8316-4376-AF3F-9F25B0E780C8} - System32\Tasks\Opera scheduled Autoupdate 1635707853 => C:\Users\lapen\AppData\Local\Programs\Opera\launcher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{da9fe801-a6d8-4b56-b32a-f8cd0bb3122f}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\lapen\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-02]

Chrome:
=======
CHR Profile: C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default [2021-11-02]
CHR Notifications: Default -> hxxps//www.netflix.com
CHR Extension: (Prezentace) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-20]
CHR Extension: (Dokumenty) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-20]
CHR Extension: (Disk Google) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-20]
CHR Extension: (YouTube) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-20]
CHR Extension: (Chrome Protect) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehildbclipkplmjfidlkkplaieiglaml [2021-11-02]
CHR Extension: (Tabulky) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-20]
CHR Extension: (Gmail) - C:\Users\lapen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm\Bluetooth Suite\adminservice.exe [386976 2019-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8912272 2021-09-20] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-10-07] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_43100dd3f0c99703\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_43100dd3f0c99703\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [443480 2019-07-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-02 11:16 - 2021-11-02 11:16 - 000011686 _____ C:\Users\lapen\Downloads\FRST.txt
2021-11-02 11:15 - 2021-11-02 11:16 - 000000000 ____D C:\FRST
2021-11-02 11:15 - 2021-11-02 11:15 - 002310656 _____ (Farbar) C:\Users\lapen\Downloads\FRST64.exe
2021-11-02 11:04 - 2021-11-02 11:12 - 000000000 ____D C:\ProgramData\Avast Software
2021-11-02 11:04 - 2021-11-02 11:04 - 000234280 _____ (AVAST Software) C:\Users\lapen\Downloads\avast_free_antivirus_setup_online.exe
2021-11-02 11:02 - 2021-11-02 11:03 - 000001870 _____ C:\Users\lapen\Desktop\Rkill.txt
2021-11-02 11:02 - 2021-11-02 11:02 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\lapen\Downloads\rkill.exe
2021-11-02 11:00 - 2021-11-02 11:00 - 005659583 _____ (Swearware) C:\Users\lapen\Downloads\ComboFix.exe
2021-11-02 10:59 - 2021-11-02 11:09 - 000000000 ____D C:\ProgramData\SoundFlowPicker
2021-11-02 10:25 - 2021-11-02 10:25 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-11-02 10:25 - 2021-11-02 10:25 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2021-11-02 10:19 - 2021-11-02 10:21 - 000000000 ____D C:\Users\lapen\AppData\Roaming\Intel Rapid
2021-11-02 10:19 - 2021-11-02 10:19 - 000000000 ____D C:\Users\lapen\AppData\LocalLow\iT6tF6rB9
2021-11-02 10:19 - 2021-11-02 10:19 - 000000000 ____D C:\Users\lapen\AppData\LocalLow\discord_files
2021-11-02 10:19 - 2021-11-02 10:19 - 000000000 ____D C:\ProgramData\Posse
2021-11-02 10:19 - 2021-11-02 10:19 - 000000000 ____D C:\Program Files (x86)\foler
2021-11-02 10:18 - 2021-11-02 11:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator
2021-11-02 10:18 - 2021-11-02 11:12 - 000000000 ____D C:\Program Files (x86)\Restore Point Creator
2021-11-02 10:18 - 2021-11-02 10:20 - 000000000 ____D C:\Program Files (x86)\MachinerData
2021-11-02 10:18 - 2021-11-02 10:19 - 000000000 ____D C:\Users\lapen\AppData\Roaming\neverlose
2021-11-02 10:18 - 2021-11-02 10:18 - 000000000 ____D C:\Users\lapen\AppData\Roaming\guemal
2021-11-02 10:18 - 2021-11-02 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kSupport.com
2021-11-02 10:18 - 2021-11-02 10:18 - 000000000 ____D C:\ProgramData\Garbage Cleaner
2021-11-02 10:18 - 2021-11-02 10:18 - 000000000 ____D C:\Program Files (x86)\kSupport.com
2021-11-02 10:17 - 2021-11-02 10:17 - 000000000 ____D C:\Program Files (x86)\Debitis
2021-10-31 21:02 - 2021-10-31 21:02 - 000000000 ____D C:\Users\Public\Documents\Steam
2021-10-31 21:02 - 2021-10-31 21:02 - 000000000 ____D C:\Users\lapen\Documents\My Games
2021-10-31 21:01 - 2021-10-31 21:01 - 000000000 ____D C:\Windows\SysWOW64\directx
2021-10-31 20:17 - 2021-11-02 10:30 - 000000000 ____D C:\Users\lapen\AppData\Local\BitTorrentHelper
2021-10-31 20:17 - 2021-10-31 20:23 - 000000000 ____D C:\Users\lapen\AppData\Local\Opera Software
2021-10-31 20:17 - 2021-10-31 20:17 - 000004210 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1635707853
2021-10-31 20:16 - 2021-11-02 10:37 - 000000000 ____D C:\Users\lapen\AppData\Roaming\uTorrent
2021-10-31 20:16 - 2021-10-31 20:23 - 000000000 ____D C:\Users\lapen\AppData\Roaming\Opera Software
2021-10-31 20:16 - 2021-10-31 20:16 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2021-10-31 20:16 - 2021-10-31 20:16 - 000000896 _____ C:\Users\lapen\Desktop\µTorrent.lnk
2021-10-31 20:15 - 2021-10-31 20:15 - 000000000 ____D C:\Users\lapen\AppData\Local\UT008
2021-10-30 06:47 - 2021-10-30 06:47 - 000000689 _____ C:\Users\lapen\Desktop\World of Tanks EU.lnk
2021-10-30 06:46 - 2021-10-30 17:08 - 000000000 ____D C:\Users\lapen\AppData\Roaming\Wargaming.net
2021-10-30 06:46 - 2021-10-30 06:47 - 000000000 ____D C:\Users\lapen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2021-10-30 06:46 - 2021-10-30 06:46 - 000000842 _____ C:\Users\lapen\Desktop\Game Center.lnk
2021-10-30 06:45 - 2021-10-30 06:45 - 000000000 ____D C:\ProgramData\Wargaming.net
2021-10-26 13:31 - 2021-10-26 13:31 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-26 13:31 - 2021-10-26 13:31 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-16 21:26 - 2021-10-16 21:26 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2021-10-15 19:07 - 2021-10-15 19:07 - 001823296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-10-15 19:07 - 2021-10-15 19:07 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-10-15 19:07 - 2021-10-15 19:07 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-15 19:07 - 2021-10-15 19:07 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-15 19:07 - 2021-10-15 19:07 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-10-15 19:07 - 2021-10-15 19:07 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-10-15 19:07 - 2021-10-15 19:07 - 000449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-15 19:07 - 2021-10-15 19:07 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-10-15 19:07 - 2021-10-15 19:07 - 000011495 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-10-15 19:07 - 2021-10-15 19:07 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2021-10-15 19:07 - 2021-10-15 19:07 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2021-10-15 19:06 - 2021-10-15 19:06 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-15 19:06 - 2021-10-15 19:06 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-15 19:00 - 2021-10-15 19:01 - 000000000 ___HD C:\$WinREAgent
2021-10-07 20:33 - 2021-10-07 20:33 - 000000000 ____D C:\Users\lapen\AppData\Roaming\EasyAntiCheat
2021-10-07 20:33 - 2021-10-07 20:33 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2021-10-07 20:22 - 2021-10-07 20:22 - 000000000 ____D C:\Users\lapen\AppData\LocalLow\Facepunch Studios LTD
2021-10-07 20:22 - 2021-10-07 20:22 - 000000000 ____D C:\Users\lapen\AppData\Local\GameAnalytics
2021-10-07 19:25 - 2021-10-07 19:25 - 000000202 _____ C:\Users\lapen\Desktop\Rust.url
2021-10-06 21:06 - 2021-11-02 10:19 - 000000000 ____D C:\Users\lapen\AppData\Local\CrashDumps
2021-10-04 19:08 - 2021-10-04 19:08 - 000000000 ____D C:\Users\lapen\AppData\Roaming\WinRAR
2021-10-04 19:05 - 2021-10-04 19:05 - 000000000 ____D C:\Users\lapen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-10-04 19:05 - 2021-10-04 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-10-04 18:52 - 2021-10-04 18:52 - 000000000 ____D C:\Users\lapen\AppData\Roaming\NVIDIA
2021-10-04 18:51 - 2021-10-04 18:51 - 000000000 ____D C:\Users\lapen\AppData\Local\TeamSpeak 3
2021-10-04 18:49 - 2021-10-04 18:49 - 000000634 _____ C:\Users\lapen\Desktop\TeamSpeak 3 Client.lnk
2021-10-04 18:49 - 2021-10-04 18:49 - 000000584 _____ C:\Users\lapen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2021-10-04 14:57 - 2021-10-04 14:57 - 000000571 _____ C:\Users\Public\Desktop\Burning Crusade Classic.lnk
2021-10-04 14:57 - 2021-10-04 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burning Crusade Classic
2021-10-04 14:35 - 2021-10-04 14:35 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2021-10-04 14:34 - 2021-11-02 11:13 - 000000000 ____D C:\Users\lapen\AppData\Local\Battle.net
2021-10-04 14:34 - 2021-10-04 14:35 - 000000000 ____D C:\Users\lapen\AppData\Roaming\Battle.net
2021-10-04 14:34 - 2021-10-04 14:34 - 000000453 _____ C:\Users\Public\Desktop\Battle.net.lnk
2021-10-04 14:34 - 2021-10-04 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-10-04 14:31 - 2021-10-04 14:31 - 000000000 ____D C:\Users\lapen\AppData\Local\Blizzard Entertainment
2021-10-04 14:31 - 2021-10-04 14:31 - 000000000 ____D C:\ProgramData\Battle.net

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-02 11:13 - 2021-09-26 19:57 - 000000000 ____D C:\Users\lapen\AppData\Roaming\discord
2021-11-02 11:12 - 2021-09-26 19:57 - 000000000 ____D C:\Users\lapen\AppData\Local\Discord
2021-11-02 11:12 - 2021-09-22 19:01 - 000000000 ____D C:\Program Files\TeamViewer
2021-11-02 11:12 - 2021-09-20 18:21 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-02 11:12 - 2021-09-20 17:47 - 000000000 __SHD C:\Users\lapen\IntelGraphicsProfiles
2021-11-02 11:12 - 2021-09-20 17:39 - 000000000 ___RD C:\Users\lapen\OneDrive
2021-11-02 11:12 - 2021-09-20 17:30 - 000000000 ____D C:\Intel
2021-11-02 11:12 - 2021-09-20 17:20 - 000258176 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-02 11:12 - 2021-09-20 17:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-02 11:12 - 2021-09-20 17:20 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-02 11:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-11-02 11:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-02 11:11 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-11-02 11:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-11-02 10:11 - 2021-09-20 17:40 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-01 21:12 - 2021-09-20 17:20 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-01 20:01 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-10-31 21:01 - 2021-09-20 17:52 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-31 20:29 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-10-31 17:22 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-31 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-31 07:38 - 2021-09-20 17:20 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-31 07:38 - 2021-09-20 17:20 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-30 04:59 - 2021-09-20 17:31 - 001609024 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-30 04:59 - 2019-12-07 15:41 - 000685936 _____ C:\Windows\system32\perfh005.dat
2021-10-30 04:59 - 2019-12-07 15:41 - 000138198 _____ C:\Windows\system32\perfc005.dat
2021-10-30 04:50 - 2021-09-20 17:38 - 000000000 ____D C:\Users\lapen\AppData\Local\Packages
2021-10-26 18:58 - 2021-09-20 19:27 - 000000000 ____D C:\Users\lapen\AppData\Local\ElevatedDiagnostics
2021-10-26 14:00 - 2021-09-20 17:41 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-26 14:00 - 2021-09-20 17:41 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-25 21:33 - 2021-09-20 17:39 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4015988873-1104437116-3251221717-1001
2021-10-25 21:33 - 2021-09-20 17:36 - 000002381 _____ C:\Users\lapen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\DiagTrack
2021-10-15 20:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-10-15 19:00 - 2021-09-20 19:33 - 000000000 ____D C:\Windows\system32\MRT
2021-10-15 18:58 - 2021-09-20 19:33 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-10 20:08 - 2021-09-20 19:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-10 08:01 - 2021-09-20 17:20 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 08:01 - 2021-09-20 17:20 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-06 21:18 - 2021-09-22 19:38 - 000000000 ____D C:\Users\lapen\AppData\Local\DayZ
2021-10-06 21:11 - 2021-09-22 19:37 - 000000000 ____D C:\Users\lapen\AppData\Local\DayZ Launcher
2021-10-06 21:00 - 2021-09-22 19:31 - 000000000 ____D C:\Users\lapen\Documents\dzsalauncher
2021-10-06 18:32 - 2021-09-20 17:20 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-04 18:49 - 2021-09-20 17:38 - 000000000 ____D C:\Users\lapen\AppData\Local\D3DSCache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2021
Ran by lapen (02-11-2021 11:17:43)
Running from C:\Users\lapen\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) (2021-09-20 16:25:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4015988873-1104437116-3251221717-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4015988873-1104437116-3251221717-503 - Limited - Disabled)
Guest (S-1-5-21-4015988873-1104437116-3251221717-501 - Limited - Disabled)
lapen (S-1-5-21-4015988873-1104437116-3251221717-1001 - Administrator - Enabled) => C:\Users\lapen
WDAGUtilityAccount (S-1-5-21-4015988873-1104437116-3251221717-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
7-Zip 21.03 beta (x64) (HKLM\...\7-Zip) (Version: 21.03 beta - Igor Pavlov)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version: - Blizzard Entertainment)
Debitis version 8.10.5.13 (HKLM-x32\...\Debitis_is1) (Version: 8.10.5.13 - )
Discord (HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
DZSALauncher version 0.0.5.1 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.5.1 - Maca134)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.377 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2105.15.0.2157 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1004 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1943.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c3964069-17c1-45dd-85a5-949576ceeaa3}) (Version: 1.62.321.1 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
kSupport UndeletePlus 3.0.15.8 (HKLM-x32\...\kSupport UndeletePlus_is1) (Version: - Copyright 2006 kSupport.com All Rights Reserved)
Main service (HKLM-x32\...\{7CD4A23B-2BC6-4454-98D7-0939783C7991}) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.40 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10505 - Qualcomm)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.19.627.2017 - Realtek)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Wargaming.net Game Center (HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\Wargaming.net Game Center) (Version: 21.7.0.6827 - Wargaming.net)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-09-20] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-09-20] (INTEL CORP) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0 [2021-10-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4015988873-1104437116-3251221717-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-4015988873-1104437116-3251221717-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [File not signed] [File is in use]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-07-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Rar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Rar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [File not signed] [File is in use]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-07-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_43100dd3f0c99703\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-07-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Rar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Rar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-10-26 14:00 - 2021-11-02 10:18 - 176138584 _____ (Google LLC -> Google LLC) [File not signed] C:\Program Files\Google\Chrome\Application\95.0.4638.54\chrome.dll
2019-07-15 09:20 - 2019-07-15 09:20 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-4015988873-1104437116-3251221717-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-4015988873-1104437116-3251221717-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&src ... ORM=IESR02

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4015988873-1104437116-3251221717-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1063DFBE-0DE5-4FEF-89D1-F56222EDABC9}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6B9A066D-7AF5-4008-9889-5BBAF53F933B}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFFD317E-791F-4959-8E24-DC169A4D7A29}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5D9C73BA-6B45-4A46-87DD-3692A913F2AF}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{505188E3-756C-420D-AB62-B2F9E901165B}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{50AA5094-8E55-44DE-8E8B-AFB5B2B779C0}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{381E6AF1-43ED-43CF-AAB6-29B72A98977C}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{7CFFC07A-3756-40D3-B092-D051C3E3BF92}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{7C660709-D72C-4606-9C63-84E9C74C5615}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{087767D4-ECE7-4E6D-A58E-6CC4A576CEBD}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{74C4F34E-4F55-462B-A905-85FF6460B489}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{B14D41CD-E02A-415B-918D-02CE69DD91D2}] => (Allow) D:\Steam\steamapps\common\Rust\Rust.exe (Facepunch Studios Ltd -> Epic Games, Inc)
FirewallRules: [{15ACE596-1801-40E1-9205-151C2F8D9EC6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0DD41986-1B32-4C14-9066-198E2C6068AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F28547F-C40C-49EF-B8A5-1318228450AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D36FCD43-63D6-4943-BBC5-7171FB046294}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F98D65F-9D48-48AC-9446-61A0DF26368D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6FE14B8-F9BD-4C55-A46F-FF8AF5B984DF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4ED9AAA5-3359-42D6-881D-44FECF5538A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8B4C6A09-C3F3-464F-828B-C0A2B939BD5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3AE04A96-38D1-49DD-B309-41FE11925969}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BB8F9AC1-31EF-4240-A0CD-49652EA04D83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AD3A6311-1356-4BC1-B126-7A2D3EEEC881}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{560AD089-5EB6-4C6F-9A06-0A8584CEE7F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{39AA3956-E9C1-484F-A4ED-88A3CB4A00F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.171.560.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{10DB9D62-1CFF-4DC2-865D-0A5F36D2B080}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{0BDC71BC-DAE4-4D90-BD8A-93A4C924C2D8}D:\wargaming.net\gamecenter\wgc.exe] => (Allow) D:\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{35A15098-7608-49A9-91D7-2D6489066F81}D:\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{8C185CCF-3C89-4E9A-B70E-32EB5C1C0F69}D:\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{BA522738-A7D9-4B8C-8DB0-3DA4ACCBF21C}C:\users\lapen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lapen\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{9BAB95C3-D8A9-4695-B0EF-81A2424ED32A}C:\users\lapen\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lapen\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{293277AC-0A23-4B3B-82DF-B6E0AC3367D7}] => (Allow) C:\Users\lapen\AppData\Local\Programs\Opera\80.0.4170.72\opera.exe => No File
FirewallRules: [{8A771448-7BAA-485C-9295-85D1CCF01FBE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{68BE9AFA-4D5A-4C51-B09C-B2EB32AC8019}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{531A7D5E-472D-4A71-A804-E8C87F6C1119}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{28E870A7-DDE4-49BB-A5C9-4FB45E5C2F07}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:119.23 GB) (Free:76.34 GB) (64%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/02/2021 10:19:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 47675797747.exe, verze: 52.0.0.0, časové razítko: 0x6165f6ce
Název chybujícího modulu: 47675797747.exe, verze: 52.0.0.0, časové razítko: 0x6165f6ce
Kód výjimky: 0xc0000005
Posun chyby: 0x00004509
ID chybujícího procesu: 0x384c
Čas spuštění chybující aplikace: 0x01d7cfca90f14d07
Cesta k chybující aplikaci: C:\Users\lapen\AppData\Local\Temp\{8Asc-miSwo-JGuw-d1N1N}\47675797747.exe
Cesta k chybujícímu modulu: C:\Users\lapen\AppData\Local\Temp\{8Asc-miSwo-JGuw-d1N1N}\47675797747.exe
ID zprávy: ec9028b8-51dc-4219-ab5e-ee964193c173
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2021 10:18:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mopnns.exe, verze: 52.0.0.0, časové razítko: 0x5000a574
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1288, časové razítko: 0x3e55bd0b
Kód výjimky: 0xe06d7363
Posun chyby: 0x0012b5b2
ID chybujícího procesu: 0x2600
Čas spuštění chybující aplikace: 0x01d7cfcaa5a1c211
Cesta k chybující aplikaci: C:\Users\lapen\AppData\Roaming\neverlose\mopnns.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: dabe4b05-91aa-4fed-b873-5b35bdc28167
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2021 10:18:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UndeletePlus.exe, verze: 10.2.0.4015, časové razítko: 0x617927fb
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000093
ID chybujícího procesu: 0x2430
Čas spuštění chybující aplikace: 0x01d7cfca978c1116
Cesta k chybující aplikaci: C:\Program Files (x86)\kSupport.com\kSupport UndeletePlus\UndeletePlus.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 54592b2e-8e3d-4e97-8be6-da034966b1ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2021 10:18:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UndeletePlus.exe, verze: 10.2.0.4015, časové razítko: 0x617927fb
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000093
ID chybujícího procesu: 0x13ec
Čas spuštění chybující aplikace: 0x01d7cfca9bb1fc6e
Cesta k chybující aplikaci: C:\Program Files (x86)\MachinerData\UndeletePlus.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e1c05ed3-3749-4515-8aa4-34ab8ac1e173
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2021 10:18:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UndeletePlus.exe, verze: 10.2.0.4015, časové razítko: 0x617927fb
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000093
ID chybujícího procesu: 0x2430
Čas spuštění chybující aplikace: 0x01d7cfca978c1116
Cesta k chybující aplikaci: C:\Program Files (x86)\kSupport.com\kSupport UndeletePlus\UndeletePlus.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5145a947-435f-4a48-a1a6-f3f4bea53f93
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2021 10:18:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UndeletePlus.exe, verze: 10.2.0.4015, časové razítko: 0x617927fb
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000093
ID chybujícího procesu: 0x2fd0
Čas spuštění chybující aplikace: 0x01d7cfca8d484919
Cesta k chybující aplikaci: C:\Program Files (x86)\kSupport.com\kSupport UndeletePlus\UndeletePlus.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 70e576bc-6e25-47bb-8c7e-f1a34940deab
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2021 10:18:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UndeletePlus.exe, verze: 10.2.0.4015, časové razítko: 0x617927fb
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000093
ID chybujícího procesu: 0x2fd0
Čas spuštění chybující aplikace: 0x01d7cfca8d484919
Cesta k chybující aplikaci: C:\Program Files (x86)\kSupport.com\kSupport UndeletePlus\UndeletePlus.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 8f854c46-36e3-469c-aebd-1693ce835b35
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2021 10:18:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UndeletePlus.exe, verze: 10.2.0.4015, časové razítko: 0x617927fb
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000093
ID chybujícího procesu: 0x2fd0
Čas spuštění chybující aplikace: 0x01d7cfca8d484919
Cesta k chybující aplikaci: C:\Program Files (x86)\kSupport.com\kSupport UndeletePlus\UndeletePlus.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 36dd3b36-e435-4931-b25a-4320a4d01941
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/02/2021 10:18:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Main Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/02/2021 10:18:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Main Service bylo dosaženo časového limitu (30000 ms).

Error: (10/31/2021 08:59:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby DCIService bylo dosaženo časového limitu (30000 ms).

Error: (10/26/2021 01:32:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\Windows\system32\IntelIHVRouter04.dll
Kód chyby: 21

Error: (10/23/2021 02:05:57 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KUVRBMO)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/23/2021 06:32:45 AM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.

Error: (10/22/2021 05:07:59 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.

Error: (10/22/2021 05:00:03 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Integrovaný řadič neodpověděl během zadaného časového limitu. Může to znamenat chybu hardwaru nebo firmwaru integrovaného řadiče nebo že systém BIOS přistupuje k integrovanému řadiči nesprávně. Měli byste zjistit, zda výrobce počítače nemá k dispozici upgrade systému BIOS. V některých situacích může tato chyba způsobit, že počítač nebude pracovat správně.


Windows Defender:
================
Date: 2021-11-02 11:12:38
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Sabsik.FL.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe; file:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator\Restore Point Creator.lnk; regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{48D369E1-8EC2-43BC-9201-973011C2D9AE}_is1; startup:_C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator\Restore Point Creator.lnk; uninstall:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{48D369E1-8EC2-43BC-9201-973011C2D9AE}_is1
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KUVRBMO\lapen
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.353.258.0, AS: 1.353.258.0, NIS: 1.353.258.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 11:12:18
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Sabsik.FL.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KUVRBMO\lapen
Název procesu: C:\Windows\System32\RuntimeBroker.exe
Verze bezpečnostních informací: AV: 1.353.258.0, AS: 1.353.258.0, NIS: 1.353.258.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 11:07:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7D9B8E0B-1714-4E53-8845-5E61296C0044}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-KUVRBMO\lapen

Date: 2021-11-02 11:02:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Sabsik.FL.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Google\Update\GoogleUpdate.exe; file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore->(UTF-16LE); file:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA->(UTF-16LE); regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{412E3D34-FD7D-466B-9759-0F3AB4308887}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8D346AC-8109-4990-944E-B73AA9F04F39}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA; service:_gupdate; service:_gupdatem; taskscheduler:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore; taskscheduler:_C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.353.258.0, AS: 1.353.258.0, NIS: 1.353.258.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4

Date: 2021-11-02 11:00:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Sabsik.FL.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.353.258.0, AS: 1.353.258.0, NIS: 1.353.258.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4

CodeIntegrity:
===============
Date: 2021-11-02 11:06:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-11-02 11:06:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-20 19:28:36
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Installer\MSIE4A0.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Dell Inc. 1.14.0 06/07/2021
Motherboard: Dell Inc. 065C71
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 33%
Total physical RAM: 16250.07 MB
Available physical RAM: 10772.79 MB
Total Virtual: 19322.07 MB
Available Virtual: 11853.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.23 GB) (Free:76.34 GB) NTFS
Drive d: () (Fixed) (Total:902.96 GB) (Free:759.92 GB) NTFS

\\?\Volume{e15b30e3-d641-4a1b-b385-64620e758cab}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{0eb2d771-3922-4b1f-b61a-15b0e6839046}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 29A931B6)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 903.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15216
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Neither Win def nor Avast helps

#2 Post by JaRon »

Hi,
clean the PC with ADWCleaner - restart - and then clean it with MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Bosakk00
Visitor
Posts: 3
Registered: 02 Nov 2021 11:30

Re: Neither Win def nor Avast helps

#3 Post by Bosakk00 »

Thanks for the advice, I'll try it.

Bosakk00
Visitor
Posts: 3
Registered: 02 Nov 2021 11:30

Re: Neither Win def nor Avast helps

#4 Post by Bosakk00 »

It looks like that helped.
Thanks for the advice, I'll remember it for next time :) :thumbsup:

JaRon
Moderator
Posts: 15216
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Neither Win def nor Avast helps

#5 Post by JaRon »

Glad to hear it :) if anything comes up, you know our address :thumbsup:

Locked