Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Cecko
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 12 črc 2012 21:35

Prosím o kontrolu

#1 Příspěvek od Cecko »

Dobrý den,
prosím o kontrolu logu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2021
Ran by jansi (administrator) on LAPTOP-2HMP2MQ5 (LENOVO 81Y4) (23-06-2021 19:27:53)
Running from C:\Users\jansi\Desktop
Loaded Profiles: jansi
Platform: Windows 10 Home Version 20H2 19042.1052 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_657d56a89b3d77d6\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_657d56a89b3d77d6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\jansi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_6fdb2f2a4eb90886\Display.NvContainer\NVDisplay.Container.exe <2>
(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1000736 2019-10-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-09] (Valve -> Valve Corporation)
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33249248 2021-06-15] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Run: [Discord] => C:\Users\jansi\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1747288 2021-06-06] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Run: [Gif Your Game] => C:\Users\jansi\AppData\Local\Programs\badpanda-react\Gif Your Game.exe [126447560 2021-06-18] (Bad Panda, Inc. -> Bad Panda, Inc.)
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Run: [Opera Browser Assistant] => C:\Users\jansi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4078288 2021-06-15] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.114\Installer\chrmstp.exe [2021-06-18] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {063A41A9-7B1C-468B-B7E2-E3ED5F1A9FFB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {11DB45BA-58F5-491A-90D1-90A775B1C5E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BB580C7-BC45-4F56-8ED0-4E8DF8208263} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {1EC97E84-4D0C-463C-9951-755B16840B64} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {1FAB8326-34CE-4E87-A537-0CA5CB0A44E2} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {209FFA5E-7A50-429E-8030-306D3CCCFE2E} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {314EA562-FC07-41D9-BC7C-700E9A14E9EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3409A99C-4323-4A9F-88DB-934C9B16B766} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {376CCF41-D202-4D63-BBAA-EEF84396A6D7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3888F2E1-2ADB-4383-BC93-6C696AD4841E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-04] (Google LLC -> Google LLC)
Task: {3C1CAED0-C15F-460E-B074-962274111528} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4DFD4526-2BE3-49C4-B7E4-403FBE297D62} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {5169A41D-1F99-4155-B059-1D4BF85BA753} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {524DC34F-AA0C-411C-ADDC-3CCB58C9E196} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jansimunek1990@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {54B8D2D8-2CC4-4CA2-9916-2BFEBD9F2E89} - System32\Tasks\Opera scheduled Autoupdate 1608595546 => C:\Users\jansi\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-17] (Opera Software AS -> Opera Software)
Task: {5C422823-7B16-4808-BADF-7A6ED857AE37} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {61D47388-DF48-4DEC-BCE0-FA2FB3F42DFC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {63E50D4F-4CCF-4E3F-AC6E-39E15C0B280C} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {64D932C6-2D98-4623-A642-AF26F9292F7B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C855829-426F-4C86-8AFA-9EC7C4A7F48C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\56f9ba23-b440-4130-83eb-3a103d55cd2f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {73902909-0351-49EC-8103-9ADFA8519338} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {75A0EC27-54B8-4B52-94FA-1EEFF6486240} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1dc55089-61bc-4174-bb36-4a794f468436 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {7E4B6B1F-83F4-4DB8-BD9B-116EE7EE0A54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FD98CF1-C823-4A4C-90CF-D09B125C9D2F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92FCE1EC-8295-42F4-B676-22220A16B805} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a30f9ab-e02a-4f9c-8090-49f4b498ee4d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {A9EC3C57-DA60-40D4-AAA8-D6F9E3A662F7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2493784 2021-06-06] (Overwolf Ltd -> Overwolf LTD)
Task: {AB5B20D6-6D72-4AB1-BAAB-323DC6743A92} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1D863B5-A339-4667-8995-B1CAD76DD4FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2566578-17E8-4968-A89C-A89F99847645} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe
Task: {C65C74D6-081D-4530-A652-BB444460A5D5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4bbc8f14-433b-44ff-93f8-2c0f4b5cfd83 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {D08E8752-E661-4B8D-AAF8-2937358E6FFD} - System32\Tasks\Opera scheduled assistant Autoupdate 1608595550 => C:\Users\jansi\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-06-17] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\jansi\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D64053AD-EADA-43BF-ABC4-445C2BDD0BA2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E0DCB333-0579-49E1-9FED-F0142B03BF97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-04] (Google LLC -> Google LLC)
Task: {E13DEFB3-3148-4CAF-8B93-36A88C4DF7BA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F05A9887-0B6F-4512-98C4-5D6E5401A2C1} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {F583501C-18DC-42BE-8F3D-542211C75254} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F5A6BAB4-9D24-49E4-94DB-2E675B5B9759} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{09b00b05-6195-46eb-b9a2-f5ecd5d755c1}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{89376d7b-a0e3-4caa-afc8-447b9dc3e7e0}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\jansi\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-23]
Edge HKU\S-1-5-21-886202611-1306557167-2408058951-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default [2021-06-23]
CHR Extension: (Prezentace) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-04]
CHR Extension: (Dokumenty) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-04]
CHR Extension: (Disk Google) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (YouTube) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-04]
CHR Extension: (uBlock Origin) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-07]
CHR Extension: (Tabulky) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2021-06-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\jansi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-29]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Opera:
=======
OPR Profile: C:\Users\jansi\AppData\Roaming\Opera Software\Opera Stable [2021-06-17]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\jansi\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-12-24] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2493784 2021-06-06] (Overwolf Ltd -> Overwolf LTD)
R2 Parsec; C:\Program Files\Parsec\pservice.exe [394256 2020-11-17] (Parsec Cloud, Inc. -> Parsec)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1631360 2020-12-02] (Rockstar Games, Inc. -> Rockstar Games)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6fdb2f2a4eb90886\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6fdb2f2a4eb90886\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [43896 2019-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo Group Ltd.)
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2020-01-10] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-23 19:27 - 2021-06-23 19:28 - 000026466 _____ C:\Users\jansi\Desktop\FRST.txt
2021-06-23 19:26 - 2021-06-23 19:28 - 000000000 ____D C:\FRST
2021-06-23 19:26 - 2021-06-23 19:26 - 002300416 _____ (Farbar) C:\Users\jansi\Desktop\FRST64.exe
2021-06-22 17:23 - 2021-06-22 17:58 - 000005580 _____ C:\Users\jansi\Downloads\OCCT.config.json
2021-06-22 17:19 - 2021-06-22 17:19 - 018982640 _____ (OCCT - Ocbase - Adrien Mercier) C:\Users\jansi\Downloads\OCCT.exe
2021-06-22 17:10 - 2021-06-22 17:10 - 001414608 _____ (CPUID, Inc. ) C:\Users\jansi\Downloads\hwmonitor_1.44.exe
2021-06-22 00:00 - 2021-06-22 00:20 - 372588544 _____ C:\Users\jansi\Downloads\Mentalista S02E18 Dvdrip Xvid Cz Vlk007.avi
2021-06-21 23:55 - 2021-06-22 00:15 - 358660996 _____ C:\Users\jansi\Downloads\mentalista-s02e17-tvrip-cz.avi
2021-06-21 23:31 - 2021-06-21 23:57 - 462878688 _____ C:\Users\jansi\Downloads\Mentalista S02E16 2009 CZ.avi
2021-06-21 22:50 - 2021-06-21 23:09 - 350983282 _____ C:\Users\jansi\Downloads\Mentalista s02e15 CZ - Pálivá omáčka.avi
2021-06-21 22:49 - 2021-06-21 23:12 - 423667224 _____ C:\Users\jansi\Downloads\Mentalista S02E14 2009 CZ.avi
2021-06-21 22:49 - 2021-06-21 22:49 - 000000000 ____D C:\Users\jansi\Downloads\focus
2021-06-19 13:16 - 2021-06-19 13:16 - 000000296 _____ C:\Users\jansi\Documents\napady2021.txt
2021-06-18 16:03 - 2021-06-18 16:03 - 000003044 _____ C:\Users\jansi\Documents\unio.txt
2021-06-17 18:27 - 2021-06-17 18:27 - 000000000 ____D C:\Users\jansi\AppData\LocalLow\Team17
2021-06-11 19:53 - 2021-06-11 19:53 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-11 19:53 - 2021-06-11 19:53 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-11 19:53 - 2021-06-11 19:53 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-11 19:53 - 2021-06-11 19:53 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-11 19:53 - 2021-06-11 19:53 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-11 19:53 - 2021-06-11 19:53 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-11 19:53 - 2021-06-11 19:53 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-11 19:53 - 2021-06-11 19:53 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-11 19:52 - 2021-06-11 19:52 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-11 19:52 - 2021-06-11 19:52 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-11 19:52 - 2021-06-11 19:52 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-11 19:52 - 2021-06-11 19:52 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-11 19:52 - 2021-06-11 19:52 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-11 19:52 - 2021-06-11 19:52 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-11 19:52 - 2021-06-11 19:52 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-11 19:52 - 2021-06-11 19:52 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-11 19:52 - 2021-06-11 19:52 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-11 19:52 - 2021-06-11 19:52 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-11 19:20 - 2021-06-11 19:28 - 570383474 _____ C:\Users\jansi\Documents\fanta-euro-video.mp4
2021-06-11 18:44 - 2021-06-11 18:44 - 000008320 _____ C:\Users\jansi\Downloads\VID_20210611_184048.mp4.sfk
2021-06-11 18:43 - 2021-06-11 18:43 - 003525339 _____ C:\Users\jansi\Downloads\VID_20210611_184048.mp4
2021-06-11 18:39 - 2021-06-11 18:39 - 006991878 _____ C:\Users\jansi\Downloads\VID_20210611_182324 (1).mp4
2021-06-11 18:39 - 2021-06-11 18:39 - 000016512 _____ C:\Users\jansi\Downloads\VID_20210611_182324 (1).mp4.sfk
2021-06-11 18:38 - 2021-06-11 18:38 - 004803667 _____ C:\Users\jansi\Downloads\VID_20210611_182852.mp4
2021-06-11 18:38 - 2021-06-11 18:38 - 000011232 _____ C:\Users\jansi\Downloads\VID_20210611_182852.mp4.sfk
2021-06-11 18:28 - 2021-06-11 18:28 - 006991878 _____ C:\Users\jansi\Downloads\VID_20210611_182324.mp4
2021-06-11 15:39 - 2021-06-11 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-06-10 17:48 - 2021-06-16 08:35 - 000041280 _____ C:\Users\jansi\Documents\fanta-euro.veg
2021-06-10 17:48 - 2021-06-11 19:09 - 000110976 _____ C:\Users\jansi\Documents\fanta-euro.veg.bak
2021-06-05 04:06 - 2021-06-05 04:42 - 643419685 _____ C:\Users\jansi\Downloads\Collins, Suzanne - Hunger Games 1 - Aréna smrti.rar
2021-06-05 01:41 - 2021-06-10 16:30 - 000019880 _____ C:\Users\jansi\Documents\zetko klaun.veg
2021-06-05 01:41 - 2021-06-06 04:16 - 000020000 _____ C:\Users\jansi\Documents\zetko klaun.veg.bak
2021-06-05 00:51 - 2021-06-05 00:52 - 007685824 _____ C:\Users\jansi\Downloads\20210604_1045599974_Fall Guys_ Ultimate Knockout.mp4.sfk
2021-06-04 04:01 - 2021-06-04 04:01 - 000000697 _____ C:\Users\jansi\Documents\euro-bulanci-nevim.txt
2021-05-31 21:41 - 2021-05-31 21:50 - 167917284 _____ C:\Users\jansi\Downloads\David_Ogilvy-O_reklame(cz_2007).pdf
2021-05-31 13:33 - 2021-05-31 13:33 - 005075605 _____ C:\Users\jansi\Downloads\zetko-tip-skupina-cr.mp4
2021-05-31 13:32 - 2021-05-31 13:32 - 005075605 _____ C:\Users\jansi\Documents\zetko-tip-skupina-cr.mp4
2021-05-29 04:00 - 2021-06-14 05:08 - 000000000 ____D C:\Users\jansi\AppData\Local\Notepad
2021-05-27 21:54 - 2021-05-28 00:17 - 1547966485 _____ C:\Users\jansi\Downloads\Friends.the.Reunion.2021 Přátelé - Zase spolu.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-23 19:25 - 2020-09-05 02:30 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-23 19:23 - 2020-05-07 00:20 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-23 19:21 - 2021-03-18 10:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-23 19:21 - 2021-03-18 10:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-23 19:21 - 2021-01-02 10:32 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-06-23 19:21 - 2021-01-02 10:29 - 000000000 ____D C:\Users\jansi\AppData\Local\Overwolf
2021-06-23 19:21 - 2020-09-05 02:28 - 000000000 ___RD C:\Users\jansi\OneDrive
2021-06-23 19:21 - 2020-09-05 02:26 - 000000000 __SHD C:\Users\jansi\IntelGraphicsProfiles
2021-06-23 19:21 - 2020-09-04 17:05 - 000000000 ____D C:\Users\jansi\AppData\Roaming\discord
2021-06-23 19:21 - 2020-09-04 17:05 - 000000000 ____D C:\Users\jansi\AppData\Local\Discord
2021-06-23 19:21 - 2020-05-07 00:18 - 000000000 ___HD C:\Intel
2021-06-23 19:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-23 19:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-23 19:20 - 2021-03-18 10:29 - 000000000 ____D C:\Users\jansi
2021-06-23 19:20 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-23 18:29 - 2020-05-07 00:11 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-23 17:50 - 2021-03-18 10:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-23 15:37 - 2020-09-23 11:48 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-06-23 02:00 - 2020-09-21 17:22 - 000000000 ____D C:\Users\jansi\AppData\Local\Adobe
2021-06-22 17:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-22 11:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-21 20:19 - 2021-03-18 10:33 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1608595546
2021-06-21 20:19 - 2020-12-22 02:05 - 000001416 _____ C:\Users\jansi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-06-21 15:40 - 2021-02-08 13:05 - 000000000 ____D C:\Users\jansi\AppData\Roaming\badpanda-react
2021-06-21 13:07 - 2021-02-08 13:05 - 000002365 _____ C:\Users\jansi\Desktop\Gif Your Game.lnk
2021-06-20 17:58 - 2020-09-10 09:13 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-20 17:58 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-19 00:08 - 2021-03-18 10:33 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-886202611-1306557167-2408058951-1001
2021-06-19 00:08 - 2021-03-18 10:29 - 000002372 _____ C:\Users\jansi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-18 00:37 - 2020-09-04 12:24 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 22:19 - 2020-09-04 12:28 - 000000000 ____D C:\Users\jansi\AppData\Roaming\obs-studio
2021-06-17 05:56 - 2021-03-18 10:33 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1608595550
2021-06-14 15:02 - 2020-09-30 00:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-14 05:14 - 2021-03-18 11:14 - 000543988 _____ C:\WINDOWS\system32\perfh008.dat
2021-06-14 05:14 - 2021-03-18 11:14 - 000089118 _____ C:\WINDOWS\system32\perfc008.dat
2021-06-14 05:14 - 2021-03-18 10:38 - 002320856 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-14 05:14 - 2019-12-07 16:41 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2021-06-14 05:14 - 2019-12-07 16:41 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2021-06-14 05:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-14 05:06 - 2021-03-18 10:28 - 005166072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-14 05:05 - 2021-03-30 19:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-06-14 05:05 - 2021-03-30 19:16 - 000000000 ____D C:\WINDOWS\en-GB
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-14 05:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 22:20 - 2019-10-17 06:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-11 19:54 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-11 19:47 - 2020-09-06 00:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-11 19:46 - 2020-09-06 00:11 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-11 15:39 - 2020-05-07 00:13 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-06-11 15:39 - 2020-05-07 00:13 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-06-11 15:39 - 2020-05-07 00:13 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-06-11 15:39 - 2020-05-07 00:13 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-06-11 15:39 - 2020-05-07 00:13 - 000002420 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-06-11 15:39 - 2020-05-07 00:13 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-06-09 19:41 - 2021-05-17 16:57 - 000000000 ____D C:\Users\jansi\Documents\Životopisy
2021-06-09 08:13 - 2021-03-18 10:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-06-08 15:47 - 2021-02-10 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2021-06-08 15:47 - 2021-02-10 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-06-06 18:59 - 2020-09-05 02:29 - 000000000 ____D C:\Users\jansi\AppData\Local\Lenovo
2021-06-06 18:59 - 2020-05-07 00:10 - 000000000 ____D C:\ProgramData\Lenovo
2021-06-06 10:56 - 2020-09-21 00:22 - 000000000 ____D C:\Users\jansi\AppData\Local\CrashDumps
2021-06-04 04:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-02 16:02 - 2020-09-29 18:32 - 000005521 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-29 01:38 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-26 13:20 - 2020-09-05 03:17 - 000000000 ____D C:\Users\jansi\AppData\Local\D3DSCache
2021-05-25 07:48 - 2020-09-30 00:40 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-05-25 07:48 - 2020-09-30 00:40 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2020-11-21 23:34 - 2020-11-22 01:15 - 000000081 _____ () C:\Users\jansi\AppData\Local\.bidstack.fault
2020-09-23 19:29 - 2020-09-23 19:29 - 000000000 _____ () C:\Users\jansi\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2021
Ran by jansi (23-06-2021 19:29:04)
Running from C:\Users\jansi\Desktop
Windows 10 Home Version 20H2 19042.1052 (X64) (2021-03-18 08:33:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-886202611-1306557167-2408058951-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-886202611-1306557167-2408058951-503 - Limited - Disabled)
Guest (S-1-5-21-886202611-1306557167-2408058951-501 - Limited - Disabled)
jansi (S-1-5-21-886202611-1306557167-2408058951-1001 - Administrator - Enabled) => C:\Users\jansi
WDAGUtilityAccount (S-1-5-21-886202611-1306557167-2408058951-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.75.1089 - AB Team, d.o.o.)
CrewLink 2.0.1 (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\f844a100-2ca0-51d4-8013-d11548b01669) (Version: 2.0.1 - Ottomated)
Discord (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{0EE6DDEF-E36B-45EB-9E03-5A266EC8A8F8}) (Version: 1.1.279.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fall Guys Tracker (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Overwolf_boagepiocdhgngpcogedeaomcdiomjhomdkjjepm) (Version: 0.1.59 - Overwolf app)
Gif Your Game 5.1.0 (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\d4bdf6df-7a5c-51e4-b6d0-4309a13db14d) (Version: 5.1.0 - Bad Panda, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.114 - Google LLC)
Haxball 0.3.2 (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\64a50e28-6b75-5e10-9276-a2d61b7eb215) (Version: 0.3.2 - )
Intel(R) Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel(R) Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.7.19.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 452.56 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.56 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 25.0.8 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Opera Stable 77.0.4054.90 (HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\Opera 77.0.4054.90) (Version: 77.0.4054.90 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.173.0.14 - Overwolf Ltd.)
Paradox Launcher v2 (HKLM\...\{986898D9-7C26-4E7F-814C-9B5472FA3209}) (Version: 2.0.0.0 - Paradox Interactive)
Parsec (HKLM-x32\...\Parsec) (Version: 150-47 - Parsec Cloud Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Sony Vegas Pro 17.0.0 Build 421 (HKLM-x32\...\Sony Vegas Pro 17.0.0 Build 421) (Version: 17.0.0 Build 421 - Crackingpatching.com Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.24.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.24.1 - General Workings, Inc.)
Twitch Leecher 1.8.4 (HKLM\...\{4871CA2A-E8D6-429D-B3AD-DA09410AF346}) (Version: 1.8.4.0 - Franiac) Hidden
Twitch Leecher 1.8.4 (HKLM-x32\...\{904941a6-1120-4eaa-a150-30df49e3939c}) (Version: 1.8.4.0 - Franiac)
VEGAS Pro 17.0 (HKLM\...\{131CED61-4A0B-11EA-8CFD-00155D6302F2}) (Version: 17.0.421 - VEGAS)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2020-05-07] (Dolby Laboratories)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2105.16.0_x64__k1h2ywk1493x8 [2021-06-08] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-20] (LENOVO INC) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-08] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.199.0_x64__dt26b99r8h8gj [2020-05-07] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-09-05] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6fdb2f2a4eb90886\nvshext.dll [2020-11-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-05-08 14:15 - 2021-05-08 14:16 - 042557440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-886202611-1306557167-2408058951-1001 -> DefaultScope {0A64443D-4D58-4FB9-822D-D1DC38C3E473} URL =
SearchScopes: HKU\S-1-5-21-886202611-1306557167-2408058951-1001 -> {0A64443D-4D58-4FB9-822D-D1DC38C3E473} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-09-22 16:48 - 000001027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-886202611-1306557167-2408058951-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\StartupApproved\Run: => "Gif Your Game"
HKU\S-1-5-21-886202611-1306557167-2408058951-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E8D85E58-8C7D-4D01-9A53-D58C0D22C124}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80A607B1-391F-45EB-9BB5-397172DECADE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{086D8F33-A686-4CE9-B7A8-61B251506611}C:\users\jansi\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{292AA9F7-FE94-4816-8E0D-86103BBCBEF3}C:\users\jansi\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [{5FF0741F-6D3E-4579-80D5-46650DDEB60F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{C019DB8C-E7BD-4A35-B655-C71A385AEFF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{7BFB850A-5050-47C3-9176-772805C8AF11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{6A23FB40-CDF3-4C60-8ECC-724B8D893790}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [UDP Query User{FD6F80A5-D0C6-44CD-801A-99E35A269594}C:\users\jansi\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{796BFCEE-51FC-4358-B738-C0C0EDB7C898}C:\users\jansi\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{52883B07-5F74-43BB-B973-F3142EFF1CEF}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{5D13D5CB-D668-4166-BD38-ED3544BD148E}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{4B3D1F2C-1E7E-491B-BA6F-0E3407626CC1}C:\users\jansi\appdata\local\programs\haxball-application\haxball.exe] => (Allow) C:\users\jansi\appdata\local\programs\haxball-application\haxball.exe (GitHub, Inc.) [File not signed]
FirewallRules: [TCP Query User{5579A21A-D0F8-4323-A37A-6462C904F0C7}C:\users\jansi\appdata\local\programs\haxball-application\haxball.exe] => (Allow) C:\users\jansi\appdata\local\programs\haxball-application\haxball.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{555748B1-B9B1-4389-BD03-C9F93D01A5F9}C:\program files\epic games\footballmanager2020\fm.exe] => (Allow) C:\program files\epic games\footballmanager2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [TCP Query User{6A02DA95-4CF7-45EE-B152-99E28A24A0CE}C:\program files\epic games\footballmanager2020\fm.exe] => (Allow) C:\program files\epic games\footballmanager2020\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{367C0F55-E20C-4227-9F41-3509BFB71FD3}] => (Allow) C:\Program Files\Parsec\parsecd.exe (Parsec Cloud, Inc. -> Parsec)
FirewallRules: [{B3CDBB53-F5CB-4010-906D-2141D48B3068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{24746493-7142-4806-AE0D-D5A08C92E6D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{694982BE-B77E-4326-8FD5-3BA587C9DC57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{572ED9E8-287D-4A77-AFCC-220FACC4341F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0BD5AF62-925E-49FE-B830-F025783199A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [{0FB4CB67-EECC-48BA-A200-DC7C9D986BC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WormsWMD\Worms W.M.D.exe () [File not signed]
FirewallRules: [UDP Query User{D45C564A-7FFE-4991-888F-BDA7BCB3B093}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{942A8D95-9FC3-4F94-A61D-180ADB277D0A}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{040353C6-FBF4-46CC-AE16-F55402ED47F4}C:\users\jansi\downloads\záloha\záloha\bulanci\bulanci.exe] => (Allow) C:\users\jansi\downloads\záloha\záloha\bulanci\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{4FDC8AD7-C870-4C19-A3A7-39B3945556B3}C:\users\jansi\downloads\záloha\záloha\bulanci\bulanci.exe] => (Allow) C:\users\jansi\downloads\záloha\záloha\bulanci\bulanci.exe () [File not signed]
FirewallRules: [{22A10E5B-0B50-4C1E-AA65-1FA90D6BB107}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{B20E8476-36DD-488E-8DAE-C759B84B49AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{8E62B9F2-DD26-4206-A846-CF679D484C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{2F789F29-1B02-4E74-8140-0130A062A86A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Worms Armageddon\WA.exe (Team17 Software Ltd) [File not signed]
FirewallRules: [{2102BF1B-090D-4660-8B8C-9E23D0BFF63D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E9E7E72A-51D0-48BC-983A-418482B90C4A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B4B85E37-F9BB-4BAA-87D9-C08C12B744D0}] => (Block) C:\Program Files\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{5F2CEF1C-3FAB-41C6-AB27-FDB735164038}] => (Block) C:\Program Files\Adobe\Adobe Photoshop CC 2019 ()
FirewallRules: [{D2E92992-335D-4D12-8778-CB2405370E75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{7B51C04A-03CD-4846-9488-255A601FBF89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe => No File
FirewallRules: [{DF16FD22-74DF-4FD4-847F-8C7B0FAAC2FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe () [File not signed]
FirewallRules: [{E2BB8EAF-3664-4F87-B816-7A2F17DFA6CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trine 4 The Nightmare Prince\trine4.exe () [File not signed]
FirewallRules: [{8BFD8FDB-C1D5-4E0D-BCE1-EE60EE650BFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{C580C238-F082-4417-B41A-61E2D658C31D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{ECC31A13-A9A3-47F9-8674-EC3FDD387B26}] => (Allow) C:\Users\jansi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{14C17A4B-B6E4-47A7-9AE6-FA580328C348}] => (Allow) C:\Users\jansi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7149BDD9-04CE-4C4D-B4F2-8FCDAB55E9A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{168E6497-4437-4101-8A7D-5CF819CB287B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe => No File
FirewallRules: [{C77B9756-5FDA-4932-865F-19163B114272}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{9DF5B15C-48A4-44CA-AA9A-FF6264FED03E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2E739D26-40AC-4618-8FB5-F25493C2EDC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8F123D21-4C02-4DC0-A575-F02620CA26B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{221CFF53-EFF9-4D98-B05E-6AE28F70B701}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{236659D8-1FC1-4C6C-9207-6895BCDBEC24}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0BA3C5F8-1B80-496C-82CB-2BE12F2E62ED}C:\users\jansi\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\jansi\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{0649E204-5705-402A-BD41-8A4D6B7AA2BE}C:\users\jansi\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\jansi\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{CD200B27-B78B-45E6-8FC4-407A236E9131}C:\users\jansi\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [UDP Query User{D4A2F337-59DE-4989-A8AA-875B44829DAF}C:\users\jansi\appdata\local\programs\opera\75.0.3969.218\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\75.0.3969.218\opera.exe => No File
FirewallRules: [{02798935-78FC-42E9-85F7-CA4B2611A86B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{46E8750F-9309-4B9C-B216-C47D9C9B190C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{CAEF1D2D-7040-4E89-8939-CE8F31959E5B}C:\users\jansi\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{374C96A0-0D05-4C3E-B8DF-E15E1428CFEE}C:\users\jansi\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{1CDED1D6-8A8B-468D-8131-AC0E0201CDE4}C:\users\jansi\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{70CB5D42-499A-4265-9126-097D3D4E0184}C:\users\jansi\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Allow) C:\users\jansi\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [{3CAE25B5-34CF-40A0-9022-231F4C64D199}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{17F6776F-ABC9-4407-94AE-A6CE68208500}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93A69020-29CA-4D87-9E75-A29A783044C1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB1E05D6-A5E3-45A3-9543-3A39CFE7FA1D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C670C064-98C8-4A55-B4CC-8E2B3ACFF262}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93531368-F2D4-4216-BE68-34BAFBA42D07}] => (Allow) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe => No File
FirewallRules: [{85ABC0BB-DBB0-4AA4-8196-FD20D5039545}] => (Allow) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe => No File
FirewallRules: [{172AA6CB-3908-444A-9417-B0BA76CDACAD}] => (Block) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe => No File
FirewallRules: [{EB7E2843-33C1-4860-B5B7-6B4183A6AFA7}] => (Block) C:\Program Files (x86)\Overwolf\0.170.48.15\OverwolfBrowser.exe => No File
FirewallRules: [{E208581F-E4CF-4B63-8E07-BE1A48E0B6AF}] => (Allow) C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0578DAD4-0BEB-4DA2-9250-115DEF8C2BF4}] => (Allow) C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{9D60D4F8-2E88-418B-BF96-C71308134DD8}] => (Block) C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5CABE2BB-1173-4E4A-931A-12809E6FFE09}] => (Block) C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{CAA22F17-CD6A-4C04-9004-E6A48DCB9136}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{A942A266-7C36-4272-865F-179CA5B5859C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [TCP Query User{3C6F1466-9143-45A6-A493-AC66DFD61452}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe () [File not signed]
FirewallRules: [UDP Query User{22463C4D-3583-4E71-B1C4-A0AC3BCCDBE6}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe () [File not signed]
FirewallRules: [{74913A09-2C64-4F97-8C2A-009744B5092C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A6AC6E14-9B46-4991-9329-DFE1964993B3}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe () [File not signed]
FirewallRules: [UDP Query User{455727E9-F7F6-40F1-8017-3618D1278139}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\overcooked2\overcooked2.exe () [File not signed]
FirewallRules: [{C8629F0B-40C4-4EFB-98ED-4BA9CEC3900E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

19-06-2021 11:10:45 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/08/2021 03:51:42 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {D162825E-0972-477A-B322-1281BF293D8F}

Error: (06/06/2021 10:56:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.964, časové razítko: 0x49647dad
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x812662a7
Kód výjimky: 0xc0000602
Posun chyby: 0x000000000010b39c
ID chybujícího procesu: 0x270
Čas spuštění chybující aplikace: 0x01d7598b798122ad
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 4dfc8063-5c3a-4904-af8a-904906e68722
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.1.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (06/04/2021 11:49:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.964 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 49c4

Čas spuštění: 01d7594b3b40df1e

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: d43cb1ad-ba30-4557-ad87-6e1423067f81

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (05/29/2021 10:02:34 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-2HMP2MQ5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/29/2021 10:02:34 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-2HMP2MQ5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/23/2021 03:48:04 PM) (Source: MsiInstaller) (EventID: 11907) (User: LAPTOP-2HMP2MQ5)
Description: Product: Microsoft Office Professional Plus 2010 -- Error 1907. Could not register font . Verify that you have sufficient permissions to install fonts, and that the system supports this font.

Error: (05/23/2021 03:48:01 PM) (Source: MsiInstaller) (EventID: 11907) (User: LAPTOP-2HMP2MQ5)
Description: Product: Microsoft Office Professional Plus 2010 -- Error 1907. Could not register font . Verify that you have sufficient permissions to install fonts, and that the system supports this font.

Error: (05/15/2021 01:43:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Photoshop.exe verze 20.0.0.13785 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2d48

Čas spuštění: 01d74972c375fdd2

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\Adobe\Adobe Photoshop CC 2019\Photoshop.exe

ID hlášení: a9e3a02c-7180-459e-943e-486351dbb668

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle


System errors:
=============
Error: (06/20/2021 09:03:18 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2HMP2MQ5)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/16/2021 03:03:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/14/2021 05:05:31 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2HMP2MQ5)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/14/2021 05:05:31 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2HMP2MQ5)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/14/2021 05:05:31 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2HMP2MQ5)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/14/2021 05:05:31 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2HMP2MQ5)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/14/2021 05:05:31 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-2HMP2MQ5)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 10:59:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
================
Date: 2021-06-23 03:36:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0D8EBFA3-998E-433D-84C8-8056CA89E65F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-21 02:50:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DA597D3E-E830-402A-B220-FF7E028E7299}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-19 23:02:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1ADC3FEC-F6F2-44CD-B056-43802C424BE1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-19 00:46:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {36CF5DD5-E957-46AA-8EE1-DF4858318370}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-18 03:04:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8C9B6298-F0B3-48CE-AB01-A59216B467E5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-04 16:23:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.8.0
Předchozí verze bezpečnostních informací: 1.339.1969.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 16:23:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.8.0
Předchozí verze bezpečnostních informací: 1.339.1969.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 16:23:17
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 03:30:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.8.0
Předchozí verze bezpečnostních informací: 1.339.1969.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-04 03:30:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.8.0
Předchozí verze bezpečnostních informací: 1.339.1969.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===============
Date: 2021-06-23 19:21:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\jansi\AppData\Local\Discord\app-1.0.9002\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.173.0.14\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-14 05:08:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\jansi\AppData\Local\Discord\app-1.0.9002\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.170.48.15\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-29 04:01:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\jansi\AppData\Local\Discord\app-1.0.9002\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.170.0.13\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-16 14:13:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\jansi\AppData\Local\Discord\app-1.0.9001\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.169.0.24\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-05-03 17:11:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\jansi\AppData\Local\Discord\app-1.0.9001\Discord.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.169.0.22\win32\OWExplorer.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO EGCN24WW 03/28/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Percentage of memory in use: 39%
Total physical RAM: 16252.24 MB
Available physical RAM: 9757.09 MB
Total Virtual: 18684.24 MB
Available Virtual: 10568 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:111.86 GB) NTFS

\\?\Volume{da0e40ba-2a41-4761-934c-d810989b22b4}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.27 GB) NTFS
\\?\Volume{dd832324-2d1b-4114-99ed-b4443a8c187a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 809A7F17)

Partition: GPT.

==================== End of Addition.txt =======================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Spustit skenovani a pockaj na dokoncenie
  • V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
  • V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
  • Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Cecko
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 12 črc 2012 21:35

Re: Prosím o kontrolu

#3 Příspěvek od Cecko »

Zdravím,

sken našel jen předinstalovaný Lenovo software, který bych tam klidně nechal, ale je tam dole možnost jen karanténa a storno. Karanténa bez zakliknutí čehokoliv nejde a storno znamená odejití z testu. Čili žádná možnost: Spustit zakladni opravu.
Čili nevím, jak postupovat po takovýmto nálezu testu. :-)


Obrázek


Díky moc za Váš čas.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#4 Příspěvek od Conder »

Prekvapivo s tymto asi autori AdwCleaneru uplne nepocitali :D Ale da sa to obist pravym kliknutim na "Preinstalled.LenovoIMController" a moznost Pridat do zoznamu vynimiek, a potom spustit sken znovu, kedy by uz nemal najst nic.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Cecko
Návštěvník
Návštěvník
Příspěvky: 38
Registrován: 12 črc 2012 21:35

Re: Prosím o kontrolu

#5 Příspěvek od Cecko »

No, restart mi to nenabídlo a rovnou dalo možnost ukázání logu

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-26-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2058 octets] - [22/12/2020 00:56:26]
AdwCleaner[C00].txt - [2255 octets] - [22/12/2020 00:57:38]
AdwCleaner[S01].txt - [2528 octets] - [21/04/2021 20:22:13]
AdwCleaner[C01].txt - [2130 octets] - [21/04/2021 20:27:55]
AdwCleaner[S02].txt - [2105 octets] - [06/06/2021 18:57:33]
AdwCleaner[S03].txt - [2166 octets] - [06/06/2021 18:58:29]
AdwCleaner[C03].txt - [2593 octets] - [06/06/2021 18:59:20]
AdwCleaner[S04].txt - [2047 octets] - [24/06/2021 22:33:03]
AdwCleaner[S05].txt - [2108 octets] - [24/06/2021 22:35:42]
AdwCleaner[S06].txt - [2169 octets] - [26/06/2021 04:20:44]
AdwCleaner[S07].txt - [2230 octets] - [26/06/2021 18:01:04]
AdwCleaner[S08].txt - [2077 octets] - [26/06/2021 18:01:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o kontrolu

#6 Příspěvek od Conder »

Ano, v tomto pripade restart nie je potrebny. Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět