Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu logu FRST

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Leonard
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 23 pro 2013 16:05

Prosím o preventivní kontrolu logu FRST

#1 Příspěvek od Leonard »

prohlížeči Firefox se mě usadil nějaký vir (změna domovké stránky a rozhranní prohlížeče, antivir neustále něco blokoval). Pustil jsem test po restartu a antivir ten "neřád" našel a odstranil. Nyní vše funguje jak má (snad :) ). Prosichr prosím o kontrolu logů. Předem děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-04-2022 03
Ran by Leoš (administrator) on NOTEBOOK_L (LENOVO 20351) (11-04-2022 20:26:27)
Running from C:\Users\Leoš\Downloads
Loaded Profiles: Leoš
Platform: Microsoft Windows 10 Home Version 21H2 19044.1586 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe ->) (Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(services.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-17] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5062384 2015-09-27] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2016-11-26] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2016-11-26] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [208152 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\Run: [Airytec Switch Off] => C:\Program Files\Airytec\Switch Off\swoff.exe [179712 2010-10-31] (Airytec) [File not signed]
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Leoš\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Leoš\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\RunOnce: [Uninstall 22.045.0227.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Leoš\AppData\Local\Microsoft\OneDrive\22.045.0227.0004"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\shm4mPC: C:\Windows\System32\spool\prtprocs\x64\shm4mpc.dll [73832 2019-07-21] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\shm4m Langmon: C:\WINDOWS\system32\shm4mlm.dll [44264 2019-03-31] (联想图像(天津)科技有限公司 -> )
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-30] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-30] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\Users\Leoš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2017-03-29]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BD1DFD9-4A20-41D1-9305-3B33BA40DF8D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {0EDD78CE-82A9-4866-9FA3-B193EC9CCDB7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8ef15fc5-374d-48d8-8722-076869bd6692 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {4110EE86-B248-4619-BCBB-987A3E876410} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {5692CE16-70DA-4253-AD01-17EAC2CA0A87} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (No File)
Task: {6512B531-2074-4202-A9CC-0D1E26DF4269} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6e243af3-211f-42d4-aa90-0407bcb54391 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7A9889DA-0F01-4462-B9D5-E02FC6B50AD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {83374DAB-DE45-4602-9E0B-F3E29F7DEE32} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\51f956bf-798a-451d-be4d-2832e663e6e9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {84660F3D-BA6E-4686-98FE-C4D05E65FC63} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Leoš\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-03-29] (ESET, spol. s r.o. -> ESET)
Task: {84B598A2-E35D-4063-A231-549056F19BD5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a005aed5-938d-4927-a015-99a0d43a4280 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {85E00819-69A4-4CE3-8E86-E045EE6C438B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {994591F7-2272-4139-B9B8-5B6138124AED} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {AB101E2D-12B0-4048-94A9-9D6DFF832D1D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {B00AD4F3-F5C6-467A-ABBD-E0E404ED4ABC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B07EC02D-21EA-4968-82B6-C0F7F7B8ED3C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B3FA0979-9692-4601-87B0-924D1555527C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C83D178A-9EF1-40CD-9F42-08C0A79AF609} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Leoš\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-03-29] (ESET, spol. s r.o. -> ESET)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D01D6B5F-9987-41FB-AAB3-82E4AC0C3FD2} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE (No File)
Task: {D4064E91-9AF1-4BA8-B422-BB42B54912C7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992792 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
Task: {DFE1CFB5-3718-4934-9995-3B8C46E763FC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {EB9FCA00-3D16-41D2-A42A-2D6FE1CC8EE3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {F1A973D1-B0F6-4492-B0B5-C0F4DF5C8500} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ad14edce-d692-4216-a82c-a249c142f183 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F5C8182E-2298-4BB9-A36F-85F2C22F965D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {FC7A1752-D78A-48A3-B064-F0C35010235D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{89b07db5-3fd4-4bb0-b1b0-b2490c6089dc}: [DhcpNameServer] 77.236.192.130 77.236.192.150
Tcpip\..\Interfaces\{f8fde1d6-11b9-4160-ba47-3826fbe1d8e1}: [DhcpNameServer] 77.236.192.150

Edge:
=======
DownloadDir: C:\Users\Leoš\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3761517676-348034014-4032153563-1001 -> hxxp://www.google.com/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Leoš\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-23]
Edge DownloadDir: Default -> C:\Users\Leoš\Downloads
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.cz/"
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}

FireFox:
========
FF DefaultProfile: 5sa5wm0q.default-1486802400843-1647971269120
FF ProfilePath: C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\5sa5wm0q.default-1486802400843-1647971269120 [2022-04-11]
FF Homepage: Mozilla\Firefox\Profiles\5sa5wm0q.default-1486802400843-1647971269120 -> about:newtab
FF Extension: (uBlock Origin) - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\5sa5wm0q.default-1486802400843-1647971269120\Extensions\uBlock0@raymondhill.net.xpi [2022-04-11]
FF Extension: (Quantum) - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\5sa5wm0q.default-1486802400843-1647971269120\Extensions\{25c704b7-1833-4562-862d-3e5ac2bdaa2f}.xpi [2022-03-22]
FF Extension: (LiteFox) - C:\Users\Leoš\AppData\Roaming\Mozilla\Firefox\Profiles\5sa5wm0q.default-1486802400843-1647971269120\Extensions\{39e34a35-15de-4e40-9353-d4ec1c91b9d2}.xpi [2022-03-22]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-08-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2017-08-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-28] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8507016 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [563024 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1968976 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563024 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-02-25] (Avast Software s.r.o. -> AVAST Software)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] (Lenovo (Beijing) Limited -> )
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed]
S3 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-07] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-18] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-18] (Electronic Arts, Inc. -> Electronic Arts)
S2 SwOffScheduler; C:\Program Files\Airytec\Switch Off\swoff.exe [179712 2010-10-31] (Airytec) [File not signed]
S2 SwOffWeb; C:\Program Files\Airytec\Switch Off\swoff.exe [179712 2010-10-31] (Airytec) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36768 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228912 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [378944 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252984 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100408 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2022-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42400 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269448 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546296 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83968 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855320 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [556088 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215936 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318736 2022-04-06] (Avast Software s.r.o. -> AVAST Software)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [438520 2022-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-25] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-11 20:26 - 2022-04-11 20:28 - 000025472 _____ C:\Users\Leoš\Downloads\FRST.txt
2022-04-11 20:25 - 2022-04-11 20:25 - 002365952 _____ (Farbar) C:\Users\Leoš\Downloads\FRST64(2).exe
2022-04-11 20:07 - 2022-04-11 20:07 - 000000000 _____ C:\Users\Leoš\Downloads\FRST64(1).exe
2022-04-11 20:04 - 2022-04-11 20:04 - 000000000 _____ C:\Users\Leoš\Downloads\FRST64.exe
2022-04-06 19:55 - 2022-04-06 19:54 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-06 19:55 - 2022-04-06 19:54 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-03-29 19:46 - 2022-04-04 15:48 - 000003018 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2022-03-29 19:46 - 2022-04-04 15:48 - 000002638 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2022-03-29 16:11 - 2022-03-29 16:12 - 000001385 _____ C:\Users\Leoš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-03-29 16:11 - 2022-03-29 16:11 - 015274968 _____ (ESET) C:\Users\Leoš\Downloads\esetonlinescanner.exe
2022-03-23 19:42 - 2022-03-23 19:51 - 000000000 ____D C:\AdwCleaner
2022-03-23 19:11 - 2022-03-23 19:11 - 000024060 _____ C:\Users\Leoš\Documents\cc_20220323_181116.reg
2022-03-23 17:53 - 2022-04-11 20:27 - 000000000 ____D C:\FRST
2022-03-22 19:44 - 2022-03-22 19:44 - 000000000 ___HD C:\$AV_ASW
2022-03-21 18:40 - 2022-03-21 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACDLABS 12.0
2022-03-21 18:39 - 2022-03-21 18:40 - 000000000 ____D C:\ACDFREE12
2022-03-21 18:36 - 2022-03-21 18:36 - 040879952 _____ (Advanced Chemistry Development Inc.) C:\Users\Leoš\Downloads\chemsk12.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-11 20:26 - 2016-11-18 08:17 - 000000000 ____D C:\Users\Leoš\AppData\LocalLow\Mozilla
2022-04-11 20:24 - 2022-02-11 16:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-11 20:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-11 19:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-11 19:26 - 2021-04-22 14:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-11 16:37 - 2020-02-11 20:29 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-11 16:37 - 2020-02-11 20:29 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-11 16:30 - 2021-04-26 14:35 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d737758c081f09
2022-04-11 16:30 - 2021-04-22 15:33 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-11 16:29 - 2021-07-30 16:04 - 000000000 ____D C:\Program Files\CCleaner
2022-04-07 15:55 - 2021-12-13 18:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3761517676-348034014-4032153563-1001
2022-04-07 15:55 - 2021-05-31 15:14 - 000002382 _____ C:\Users\Leoš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-07 15:55 - 2021-04-22 15:33 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3761517676-348034014-4032153563-1001
2022-04-07 15:35 - 2022-02-25 21:49 - 000000000 ____D C:\Users\Leoš\AppData\Local\Avast Software
2022-04-06 20:12 - 2016-08-24 16:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-04-06 20:12 - 2015-08-16 12:28 - 000000000 __SHD C:\Users\Leoš\IntelGraphicsProfiles
2022-04-06 20:08 - 2021-04-22 15:15 - 001693346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-06 20:08 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-06 20:08 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-06 20:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-06 20:05 - 2016-04-03 20:13 - 000000000 ____D C:\ProgramData\AVAST Software
2022-04-06 20:04 - 2021-04-22 15:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-06 20:04 - 2021-04-22 14:38 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-06 20:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-06 20:04 - 2017-01-28 16:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-06 20:04 - 2015-08-16 06:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-06 20:02 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-04-06 19:55 - 2022-02-25 21:45 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-06 19:55 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-06 19:54 - 2022-02-25 21:44 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000318736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-06 19:54 - 2022-02-25 21:44 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-04-06 16:43 - 2020-09-30 14:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-05 16:49 - 2021-10-05 15:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-05 16:49 - 2015-08-16 06:05 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-04 15:48 - 2021-07-30 16:04 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-04 15:48 - 2021-07-30 16:04 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2022-04-04 15:48 - 2021-04-22 15:33 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-04 15:48 - 2021-04-22 15:33 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3761517676-348034014-4032153563-1005
2022-04-04 15:48 - 2021-04-22 15:33 - 000002318 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3761517676-348034014-4032153563-500
2022-04-04 15:48 - 2021-04-22 15:33 - 000002208 _____ C:\WINDOWS\system32\Tasks\PDVDServ Task
2022-04-04 15:47 - 2022-02-25 21:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-03-29 17:28 - 2017-10-11 16:39 - 000000000 ____D C:\Users\Leoš\AppData\Roaming\uTorrent
2022-03-29 16:11 - 2016-11-12 09:18 - 000000000 ____D C:\Users\Leoš\AppData\Local\ESET
2022-03-24 06:01 - 2016-03-11 22:47 - 000000000 ____D C:\Users\Leoš\AppData\LocalLow\Temp
2022-03-23 21:13 - 2020-09-30 14:39 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2020-09-30 14:39 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 21:08 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-03-23 20:59 - 2016-05-31 13:38 - 000000584 _____ C:\Users\Leoš\Documents\grstyles.stl
2022-03-23 19:37 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-21 20:01 - 2016-05-31 13:28 - 000000014 _____ C:\Users\Leoš\Documents\LastLab.sk
2022-03-21 18:40 - 2016-05-31 13:25 - 000000000 ____D C:\Users\Leoš\AppData\Roaming\Advanced Chemistry Development
2022-03-20 18:19 - 2015-08-15 23:27 - 000000000 ____D C:\Users\Leoš\AppData\Local\CrashDumps
2022-03-19 07:06 - 2017-04-13 19:40 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-03-15 21:37 - 2015-08-16 12:31 - 000000000 ____D C:\Users\Leoš\Documents\Bluetooth Folder
2022-03-15 16:26 - 2018-04-10 16:26 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2019-09-25 19:35 - 2019-09-25 19:35 - 000224312 _____ () C:\Users\Leoš\AppData\Roaming\42h_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-09-08 08:44 - 2018-09-08 08:44 - 000007168 _____ () C:\Users\Leoš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-19 11:03 - 2015-10-14 19:46 - 000007625 _____ () C:\Users\Leoš\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2022 03
Ran by Leoš (11-04-2022 20:29:13)
Running from C:\Users\Leoš\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1586 (X64) (2021-04-22 13:34:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3761517676-348034014-4032153563-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3761517676-348034014-4032153563-503 - Limited - Disabled)
Guest (S-1-5-21-3761517676-348034014-4032153563-501 - Limited - Disabled)
Leoš (S-1-5-21-3761517676-348034014-4032153563-1001 - Administrator - Enabled) => C:\Users\Leoš
WDAGUtilityAccount (S-1-5-21-3761517676-348034014-4032153563-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20085 - Adobe Systems Incorporated)
Airytec Switch Off (HKLM\...\Airytec Switch Off) (Version: 3.4 - Airytec)
AMD Catalyst Install Manager (HKLM\...\{6E2E5B9E-BCCC-066F-BBB5-4DCA7289E2CD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 2016 (HKLM-x32\...\{91B33C97-B4A4-B41A-6B97-C62C82CEB6A9}_is1) (Version: 16.0.2 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.3.6008 - Avast Software)
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Command & Conquer Gold Edition Stand Alone v1.06c revision 2 (HKLM-x32\...\{931CFA8E-3CE1-4A96-97D7-32B21A7A8DAA}_is1) (Version: - Westwood Studios)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.9 - Lenovo)
FlatOut2 (HKLM-x32\...\{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1) (Version: 1.0 - US - ACTION, s.r.o.)
Heroes of Might and Magic 2 GOLD (HKLM-x32\...\Heroes of Might and Magic 2 GOLD_is1) (Version: - GOG.com)
Heroes of Might and Magic III Complete HD (HKLM-x32\...\Heroes of Might and Magic III Complete HD) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.36 - Microsoft Corporation)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.5431.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\Uplay Install 44) (Version: - Ubisoft)
Might and Magic Heroes VII (HKLM-x32\...\Uplay Install 1176) (Version: - Ubisoft)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 99.0 (x64 cs)) (Version: 99.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 99.0.0.8124 - Mozilla)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.5431.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.5431.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4919.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-1000-0000000FF1CE}) (Version: 15.0.5431.1000 - Microsoft Corporation) Hidden
OPstat 6.8 (HKLM-x32\...\{DFF69105-7614-4858-9AA1-22B523F5583A}_is1) (Version: - Oldřich Pytela)
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
OriginPro 8.5 (HKLM-x32\...\{E0E49070-F2C7-402A-9D36-C9B87CA2E09D}) (Version: 8.5 - OriginLab Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 191211 - Kakao Corp.)
PotPlayer-64 bit (HKLM-x32\...\PotPlayer64) (Version: 1.7.8557 - Kakao Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SimCity 4 (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.1.0.4 - Electronic Arts)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold HD (HKLM-x32\...\GOGPACKSTRONGHOLDHD_is1) (Version: 2.0.0.3 - GOG.com)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.3.3 - Krzysztof Kowalczyk)
Toolwiz Smart Defrag 2011 (HKLM-x32\...\Toolwiz Smart Defrag FREE_is1) (Version: 1.3.0.0 - Toolwiz.com.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 12.0 - Ubisoft)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Packages:
=========
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2201.14.0_x64__6dqnvyezrysvy [2022-02-02] (Dailymotion)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-17] (Microsoft Corporation)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.33.5.0_x86__q4d96b2w5wcc2 [2022-03-23] (Evernote)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2019-03-06] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-28] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2019-03-06] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2019-03-06] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2019-03-06] (Microsoft Corporation) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2019-03-06] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2019-03-06] (TripAdvisor LLC)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2019-03-06] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-06-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-04-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-06-25 16:53 - 2015-06-25 16:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2014-02-26 19:11 - 2014-02-26 19:11 - 000297984 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2014-02-26 19:11 - 2014-02-26 19:11 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 17:15 - 2015-06-25 17:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 17:17 - 2015-06-25 17:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 17:20 - 2015-06-25 17:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 17:21 - 2015-06-25 17:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 17:14 - 2015-06-25 17:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 12:58 - 2015-07-02 12:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 17:03 - 2015-06-25 17:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 05:13 - 2015-06-25 05:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 17:00 - 2015-06-25 17:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 17:23 - 2015-06-25 17:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 17:28 - 2015-06-25 17:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 17:16 - 2015-06-25 17:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 17:08 - 2015-06-25 17:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 17:58 - 2015-06-25 17:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 16:59 - 2015-06-25 16:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2021-03-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2022-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-12-06 20:45 - 2018-05-10 16:36 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leoš\Pictures\Saved Pictures\cropped-1366-768-334347.jpg
DNS Servers: 77.236.192.130 - 77.236.192.150
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\StartupFolder: => "Odeslat do OneNote.lnk"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Leoš\AppData\Local\Microsoft\OneDrive\17.3.5907.0716"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "Uninstall C:\Users\Leoš\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "Airytec Switch Off"
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B0B223EF-53B0-4672-B400-52194F57ED25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{46E857A9-F933-4A91-BB92-37F116D0DAE8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{24BB28F2-D3DD-49FE-BED9-66DCD2E573AE}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 4 Deluxe Edition\Apps\EALaunchHelper.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{3D6D751C-F081-4B4D-9708-41187C0F3CEA}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 4 Deluxe Edition\Apps\EALaunchHelper.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [UDP Query User{B121B5AB-4694-489D-B210-D728FCAD1A47}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [TCP Query User{7CD24353-D9BC-424E-A00C-514DAF025965}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [{E44B4E1A-188C-478C-986B-143BBC3E8F88}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2A9706E6-30C3-4C48-B8F7-E431DB3553DD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{C018EA06-B267-4A13-A9C3-CED77E433842}C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe () [File not signed]
FirewallRules: [TCP Query User{B37778B9-6C1D-4FB8-8D05-0C34CF3724DA}C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe] => (Block) C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe () [File not signed]
FirewallRules: [UDP Query User{EFA8F3D2-AFD1-45C9-A1A8-A68BBD9A99E2}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leoš\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{BAA755CD-F76C-400B-BB75-330CFBC4814D}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leoš\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{9995A65D-FFD2-42F3-B1EA-BF82F27A74F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{6DD4B7E9-7346-49C3-84D0-618CBEADE802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\EF_Bin\CoHEF.exe (Archaic Entertainment Ltd.) [File not signed]
FirewallRules: [{37B48FB9-46D3-4A46-B91D-3B2D624E806E}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{47F3258D-B518-4E30-ADC3-9346195F3A57}] => (Allow) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{A0C41DC3-3522-4C8D-B196-6E8DCD242573}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4E5C31A0-ECE2-43F8-94FA-BE8D9B2BB35A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4E347878-DA01-4A5C-BC18-5FF5DA055268}C:\program files (x86)\microsoft games\age of empires\empiresx.exe] => (Block) C:\program files (x86)\microsoft games\age of empires\empiresx.exe (Microsoft Corporation) [File not signed]
FirewallRules: [TCP Query User{9CC68E72-62B9-4906-99F5-13F353267AA5}C:\program files (x86)\microsoft games\age of empires\empiresx.exe] => (Block) C:\program files (x86)\microsoft games\age of empires\empiresx.exe (Microsoft Corporation) [File not signed]
FirewallRules: [UDP Query User{16B634A1-DD0B-40CE-841A-C309D16DACD7}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [TCP Query User{47C9AF6C-63F4-4D5A-A858-EB8052A5DF12}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{6B5C78AB-9943-4094-9D1B-A8B0F86B784C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{8B137B43-A8A5-4B2B-8D15-52AAFA64038C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{2D1527E4-F4CA-4D06-9D3A-23B825FCC018}C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe] => (Allow) C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe () [File not signed]
FirewallRules: [TCP Query User{C898CBBD-C184-408A-B55F-949A969C4A77}C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe] => (Allow) C:\program files (x86)\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe () [File not signed]
FirewallRules: [{12F9955F-80C0-49F6-8D12-2E80679204C8}] => (Allow) LPort=55100
FirewallRules: [{9B7686C9-5702-4DE0-9C5A-D2F6DFEC17B9}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [TCP Query User{D2E8DB77-118D-4AB7-AB06-0858E2121404}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [UDP Query User{EC3F911F-9D59-4A19-A72B-F07A73F409D6}C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe] => (Allow) C:\program files (x86)\gog.com\heroes of might and magic 2 gold\dosbox\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{E7C854D0-4B55-4804-B17E-3AAF240B875F}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 4 Deluxe Edition\Apps\SimCity 4.exe (Electronic Arts -> Maxis)
FirewallRules: [{5E20B4BB-C022-46B2-BA57-713AD5D8031F}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 4 Deluxe Edition\Apps\SimCity 4.exe (Electronic Arts -> Maxis)
FirewallRules: [{2BEFA1A0-1E40-4225-ABCE-BFACECFD5794}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{84DF1F7C-1ADE-44A6-A164-560727EBFF7E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EE250106-2901-4C3D-A0CA-62C6F978C35E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{C0955A33-7C86-42C9-97FF-CC606978FC5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [TCP Query User{ADFBC8D0-5470-4FDF-8E8E-B55FB93945FB}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{A33BECD7-750A-4D7C-B4C2-EDCFC1C4A303}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [{7E735732-3999-416A-8FA8-746C567D9BEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{1956576B-AE15-4B98-BE85-737D3074CD06}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{7B6B77A0-1BDE-4C04-9578-476CBFCFA681}C:\users\leoš\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leoš\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{BED91B56-3DDC-4BFB-BA2B-78FC3573EAF8}C:\users\leoš\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leoš\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{F61756B8-8628-43A0-B3A3-DEC651C46A62}C:\users\leoš\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leoš\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{5269D103-6073-4D56-99C6-A87AF0609A63}C:\users\leoš\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leoš\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{7CFFCE48-8BFA-4082-9BC4-C493E04405DB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Might and Magic Heroes VII\Binaries\Win64\MMH7Game-Win64-Shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [{4057A389-E5D4-4C6B-AFB0-4B491137A5B8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B61A541E-DF7B-4A86-9C00-4BC4ECF7AA59}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0FDF8D87-33BB-478E-9DDB-7FFD1B10497F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{92ABF9FC-0404-4FD8-B73C-1AACDC94DB84}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A33F8678-1628-4005-BD5F-734FCFE4CFD6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4AD1CE69-E611-4118-BF90-B3EB23EC16F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FD1D738-D660-402F-822F-26E64CE26097}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBC740D7-C434-4ADB-91B1-6A16A1F212FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{451C81A1-028B-4DE8-8DB8-DE567593B4E3}C:\westwood\c&c95\c&c95.exe] => (Block) C:\westwood\c&c95\c&c95.exe () [File not signed]
FirewallRules: [UDP Query User{FCFFD609-EFF3-4FED-A3FF-71756AC4413D}C:\westwood\c&c95\c&c95.exe] => (Block) C:\westwood\c&c95\c&c95.exe () [File not signed]
FirewallRules: [{042940ED-EAB6-4E4C-A50C-73407FC3B59F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C1C0791B-29F4-4273-9FEC-1C393A77D626}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

06-04-2022 16:00:01 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/06/2022 08:01:59 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (04/06/2022 08:01:51 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (03/29/2022 03:26:33 PM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/28/2022 03:23:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2021.21090.10008.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 34ac

Čas spuštění: 01d8405659290be3

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: c6012dec-516b-433c-a899-e14582cd3b81

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/25/2022 06:05:27 AM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/23/2022 09:10:03 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (03/23/2022 06:19:10 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error

Error: (03/23/2022 05:58:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.1566 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 272c

Čas spuštění: 01d83e2e8e0b8f38

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: d2677c6c-62a7-4f63-9c8f-b62825e320e7

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Quiesce


System errors:
=============
Error: (04/11/2022 08:12:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 07:55:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/11/2022 07:44:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 07:38:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/11/2022 07:29:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 07:28:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/11/2022 07:27:00 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 07:26:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2022-02-25 20:39:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D71A9074-5577-4D3B-9CDF-65003408285F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-07 17:46:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E17FFC8B-A068-4D9F-B7DE-BFE1EBA7BDE1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-01-15 06:54:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.1751.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-11-01 18:59:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.353.219.0
Předchozí verze bezpečnostních informací: 1.351.419.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18700.4
Předchozí verze modulu: 1.1.18600.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2021-11-01 18:59:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.353.219.0
Předchozí verze bezpečnostních informací: 1.351.419.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18700.4
Předchozí verze modulu: 1.1.18600.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2021-11-01 18:59:39
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18700.4
Předchozí verze modulu: 1.1.18600.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2021-06-10 17:45:59
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.337.198.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2022-04-11 16:26:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-04-11 16:21:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9ACN29WW 10/20/2014
Motherboard: LENOVO Lancer 5A2
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 37%
Total physical RAM: 8084.27 MB
Available physical RAM: 5076.16 MB
Total Virtual: 9364.27 MB
Available Virtual: 5703.77 MB

==================== Drives ================================

Drive c: (Programy) (Fixed) (Total:889.42 GB) (Free:592.27 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.96 GB) NTFS

\\?\Volume{f382bea0-912d-4e8c-b1ec-62b50d896b59}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{4ec79262-709b-45d4-a1be-a5ee18f9b1aa}\ (PBR_DRV) (Fixed) (Total:14.76 GB) (Free:0.27 GB) NTFS
\\?\Volume{1c0198e0-42ed-43b5-a137-473e450b0187}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D77398CA)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu logu FRST

#2 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {AB101E2D-12B0-4048-94A9-9D6DFF832D1D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {D01D6B5F-9987-41FB-AAB3-82E4AC0C3FD2} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE (No File)
C:\WINDOWS\CbsTemp
C:\Users\Leoš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
FirewallRules: [UDP Query User{EFA8F3D2-AFD1-45C9-A1A8-A68BBD9A99E2}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leoš\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{BAA755CD-F76C-400B-BB75-330CFBC4814D}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leoš\appdata\roaming\utorrent\utorrent.exe => No File

EmptyTemp:
End
Uložte do C:\Users\Leoš\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Leonard
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 23 pro 2013 16:05

Re: Prosím o preventivní kontrolu logu FRST

#3 Příspěvek od Leonard »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-04-2022 03
Ran by Leoš (13-04-2022 04:54:55) Run:2
Running from C:\Users\Leoš\Downloads
Loaded Profiles: Leoš
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {AB101E2D-12B0-4048-94A9-9D6DFF832D1D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {D01D6B5F-9987-41FB-AAB3-82E4AC0C3FD2} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE (No File)
C:\WINDOWS\CbsTemp
C:\Users\Leoš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
HKU\S-1-5-21-3761517676-348034014-4032153563-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
FirewallRules: [UDP Query User{EFA8F3D2-AFD1-45C9-A1A8-A68BBD9A99E2}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leoš\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{BAA755CD-F76C-400B-BB75-330CFBC4814D}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leoš\appdata\roaming\utorrent\utorrent.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB101E2D-12B0-4048-94A9-9D6DFF832D1D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB101E2D-12B0-4048-94A9-9D6DFF832D1D}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Customer Feedback Program => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D01D6B5F-9987-41FB-AAB3-82E4AC0C3FD2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D01D6B5F-9987-41FB-AAB3-82E4AC0C3FD2}" => removed successfully
C:\WINDOWS\System32\Tasks\PDVDServ Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ Task" => removed successfully
C:\WINDOWS\CbsTemp => moved successfully
C:\Users\Leoš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKU\S-1-5-21-3761517676-348034014-4032153563-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFA8F3D2-AFD1-45C9-A1A8-A68BBD9A99E2}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BAA755CD-F76C-400B-BB75-330CFBC4814D}C:\users\leoš\appdata\roaming\utorrent\utorrent.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 50763681 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 3881881 B
Edge => 0 B
Firefox => 1120504866 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 12158 B
NetworkService => 12158 B
Leoš => 124877129 B
defaultuser1 => 124877129 B

RecycleBin => 22721333 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 04:55:37 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu logu FRST

#4 Příspěvek od Rudy »

Smazáno. Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Leonard
Návštěvník
Návštěvník
Příspěvky: 25
Registrován: 23 pro 2013 16:05

Re: Prosím o preventivní kontrolu logu FRST

#5 Příspěvek od Leonard »

Děkuji :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o preventivní kontrolu logu FRST

#6 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno