Ads in browsers

Stene
Visitor
Posts: 236
Registered: 03 Dec 2013 19:42

#1 Post by Stene »

Hello. Ads have started popping up in the browsers on my notebook. Please check it.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2020
Ran by manat (administrator) on LAPTOP-EJO9GE0M (LENOVO 81LK) (27-11-2020 14:47:34)
Running from C:\Users\manat\Desktop
Loaded Profiles: manat
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> ) C:\Program Files\Avast Software\Avast\setup\securebrowser_setup_160648480611544.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <8>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\setup\aswOfferTool.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\setup\instup.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\GfxDownloadWrapper.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\manat\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117344 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-14] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {07D34AD6-F5C3-4742-828C-1135F4944EE6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-11-27] (Avast Software s.r.o. -> Avast Software)
Task: {1258079C-2638-4701-B45C-D7FBEDF810CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {14AC2434-9952-4061-8AD6-506804EFB996} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D6D954E-3337-4B0B-8ECA-F5874FA1AEAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B7FB58C-66C5-40D5-8795-27FE5B73D248} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5f831498-cb13-48a4-8462-e4e7f0765542 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {502D49D2-0EB4-4574-8630-A88A2387F20E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {522003F2-A919-4976-AF94-4BEAE88589D9} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {57E03ED3-93D5-4E72-92A4-0FCC19BF608E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\53c34629-4988-4217-86c2-5eca0eb70fad => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {59453969-B8BB-4D90-9A8A-1BD4137645F6} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4617832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {62505FDD-CC2A-4868-8989-0FC482CF1F7F} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {650BF75D-122E-4E89-86E4-D94DF90B44DB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {68D01FC4-7D46-4330-8D36-36FA805B5665} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E28E007-CB8E-4211-A231-724C5857631C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {71D9C2C1-A6FC-479F-8643-F1A845983088} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654136 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {749C2744-C751-49C7-9930-5844A0589C09} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7524853B-E19D-422D-ACB6-2192858ADEF1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4ba71018-c75b-47a2-b13e-d72b04addd1e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {7B279985-AE0B-4EAB-8775-40B25E58A631} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B887509-0B0B-4E5D-A843-6CB1930388EF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {808107DE-9076-4DD6-B917-3492245B36E9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {900D676A-7846-4001-B203-F1A87E53A197} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99025F4A-3920-4408-A58C-1E5E8CEBA22F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8ED2F56-07E8-4CC2-BE38-E9F0D5B15BF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B10CB270-1A6F-472C-919D-CF000621474C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {B4C9C929-2BE1-42E3-9EDF-76BC3532E25D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {E3877A3B-ACA4-426E-8968-E24AE9613E2F} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {E3AD4D61-9581-4649-BB47-AAC348AAEF79} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302384 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FC650AAD-E92C-41D4-83BD-4C90727D705C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\145072fb-f24e-45f8-8fcf-bef4cc7a2a01 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {FFF71F57-127C-45A4-895D-740065EF74CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{205fb23d-5c4f-47c4-8d5c-746dd8aecaef}: [DhcpNameServer] 150.208.1.2
Tcpip\..\Interfaces\{cecc4a96-b218-4a70-a65c-ae99f1919f1e}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Edge:
======
Edge Profile: C:\Users\manat\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-27]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default [2020-11-27]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-02]
CHR Extension: (Dokumenty) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-02]
CHR Extension: (Disk Google) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-02]
CHR Extension: (Tabulky) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-02]
CHR Extension: (Gmail) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8454552 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [365648 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [3096160 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-01] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332368 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97352 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16816 2020-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
S3 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176744 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521752 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326416 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Stene
Visitor
Posts: 236
Registered: 03 Dec 2013 19:42

Re: Ads in browsers

#2 Post by Stene »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2020
Ran by manat (27-11-2020 14:48:27)
Running from C:\Users\manat\Desktop
Windows 10 Home Version 1909 18363.1198 (X64) (2020-11-02 14:45:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4210255883-2599605577-1647361875-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4210255883-2599605577-1647361875-503 - Limited - Disabled)
Guest (S-1-5-21-4210255883-2599605577-1647361875-501 - Limited - Disabled)
manat (S-1-5-21-4210255883-2599605577-1647361875-1001 - Administrator - Enabled) => C:\Users\manat
WDAGUtilityAccount (S-1-5-21-4210255883-2599605577-1647361875-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6938.199 - AVAST Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.105 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.105 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.171 - McAfee, LLC)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2020-11-03] (Dolby Laboratories)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-11-03] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\e0469640.lenovoutility_3.1.18.0_x64__5grkq8ppsgwt4 [2020-11-03] (LENOVO INC) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.958.0_x64__56jybvy8sckqj [2020-11-03] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt [2020-11-14] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-11-03] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0 [2020-11-14] (Spotify AB) [Startup Task]
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.99.0_x64__8wekyb3d8bbwe [2020-11-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\nvshext.dll [2020-07-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-14 14:16 - 2020-11-14 14:17 - 041670144 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-11-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-11-21] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\lenovowallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ADFB8126-6470-4FCE-AA9F-410AE2021D88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82FC8EA8-EAA6-4C96-BE48-372B1E7A598B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A0E2566-34A2-4EC4-8A2E-FD945934E1BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9F8F22A-4BAB-4877-BFF3-20861ED82755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D8261C8D-8134-4689-B5A2-6EE23B1BAB48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{995882DB-AB23-4855-AB9B-ED962B753D55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A9385B2-0FF3-4FE5-9DF0-CEA9ACC9D5EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E29AA788-E741-48FF-8A41-388C762C283B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DEDC0562-2FD4-42BB-8FFA-B24676719936}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0BEBBDEF-4C2A-4CD6-9789-B348072CCB2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C77D9DB7-3F53-439D-A521-77E8B3F5B153}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84A5FB42-674B-4885-973F-B1AB6836701D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{238BA159-7F0C-4532-ADDC-054E9138B04B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F4F9E1E-5CFB-47A2-9F81-C1540B13BB68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5190BF6-10CD-4F16-B98A-07ACD9192224}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7464599E-7DA1-4E6D-9AB1-72410A561439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B6D40FD-6A01-4548-AF94-AC9CA34571E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F68AA80-3C7E-46E1-AE90-A97471A44C43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{063A0BC7-4BF6-4F40-BB6C-462DE576C44A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB4CBE5E-C4C8-40A5-9C34-7296865CA27B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9EBE40B8-0531-4803-9FDC-A9FF171BA7B7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

08-11-2020 17:40:53 Naplánovaný kontrolní bod
19-11-2020 05:52:16 Naplánovaný kontrolní bod
27-11-2020 09:54:46 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/27/2020 10:07:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21196,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/27/2020 09:58:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17960,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/27/2020 09:52:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13288,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 09:51:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9900,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 08:35:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16588,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 06:51:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 06:43:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17496,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 05:52:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20664,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (11/27/2020 02:47:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswSnx neuspěla při spuštění v důsledku následující chyby:
Prvek nebyl nalezen.

Error: (11/27/2020 09:43:13 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: LAPTOP-EJO9GE0M)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/24/2020 02:20:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba LenovoVantageService je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/23/2020 07:16:29 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: NT AUTHORITY)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/22/2020 09:13:50 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: NT AUTHORITY)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/22/2020 04:34:56 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: LAPTOP-EJO9GE0M)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/22/2020 04:25:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.

Error: (11/22/2020 04:25:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PLFNLNT3G5G-AppUp.IntelGraphicsExperience.


CodeIntegrity:
===================================

Date: 2020-11-27 14:49:01.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:49:01.240
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:49:00.432
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:56.183
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:56.120
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:55.406
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:54.653
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:50.603
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO BGCN24WW 08/19/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8072.24 MB
Available physical RAM: 3961.08 MB
Total Virtual: 9352.24 MB
Available Virtual: 4139.44 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:371.4 GB) NTFS

\\?\Volume{cf1e6b02-72a1-4864-8a80-cf313469e317}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{15c47271-bd09-4b83-8714-0cd62d70517f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 6BE9965B)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Ads in browsers

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP just start it with an ordinary double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Stene
Visitor
Posts: 236
Registered: 03 Dec 2013 19:42

Re: Ads in browsers

#4 Post by Stene »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\manat\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2124 octets] - [28/11/2020 13:34:11]
AdwCleaner[S01].txt - [2185 octets] - [28/11/2020 13:35:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Ads in browsers

#5 Post by Rudy »

OK. Post new FRST+Addition logs.

Stene
Visitor
Posts: 236
Registered: 03 Dec 2013 19:42

Re: Ads in browsers

#6 Post by Stene »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2020
Ran by manat (administrator) on LAPTOP-EJO9GE0M (LENOVO 81LK) (29-11-2020 08:17:13)
Running from C:\Users\manat\Desktop
Loaded Profiles: manat
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\manat\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\upfc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117344 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [707416 2018-01-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-14] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {07D34AD6-F5C3-4742-828C-1135F4944EE6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-11-27] (Avast Software s.r.o. -> Avast Software)
Task: {1258079C-2638-4701-B45C-D7FBEDF810CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {14AC2434-9952-4061-8AD6-506804EFB996} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {15CAD0F2-D7E3-4E32-A02D-A556CE219608} - \Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e -> No File <==== ATTENTION
Task: {1D6D954E-3337-4B0B-8ECA-F5874FA1AEAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33B23D48-DB08-4E37-9594-0033FEB001E2} - \Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038 -> No File <==== ATTENTION
Task: {502D49D2-0EB4-4574-8630-A88A2387F20E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {522003F2-A919-4976-AF94-4BEAE88589D9} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {59453969-B8BB-4D90-9A8A-1BD4137645F6} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4617832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {62505FDD-CC2A-4868-8989-0FC482CF1F7F} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {650BF75D-122E-4E89-86E4-D94DF90B44DB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {68D01FC4-7D46-4330-8D36-36FA805B5665} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E28E007-CB8E-4211-A231-724C5857631C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {71D9C2C1-A6FC-479F-8643-F1A845983088} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654136 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {749C2744-C751-49C7-9930-5844A0589C09} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {7B279985-AE0B-4EAB-8775-40B25E58A631} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B887509-0B0B-4E5D-A843-6CB1930388EF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {808107DE-9076-4DD6-B917-3492245B36E9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {900D676A-7846-4001-B203-F1A87E53A197} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99025F4A-3920-4408-A58C-1E5E8CEBA22F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8ED2F56-07E8-4CC2-BE38-E9F0D5B15BF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B10CB270-1A6F-472C-919D-CF000621474C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {B4C9C929-2BE1-42E3-9EDF-76BC3532E25D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {CA40B1FE-169E-4034-B44E-07F65EF3A66C} - \Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1 -> No File <==== ATTENTION
Task: {E3877A3B-ACA4-426E-8968-E24AE9613E2F} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {E3AD4D61-9581-4649-BB47-AAC348AAEF79} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302384 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7FC150B-1CB5-4DA9-90C3-C68516A27420} - \Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97 -> No File <==== ATTENTION
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {FFF71F57-127C-45A4-895D-740065EF74CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{205fb23d-5c4f-47c4-8d5c-746dd8aecaef}: [DhcpNameServer] 150.208.1.2
Tcpip\..\Interfaces\{cecc4a96-b218-4a70-a65c-ae99f1919f1e}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Edge:
======
Edge Profile: C:\Users\manat\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-27]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default [2020-11-29]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-02]
CHR Extension: (Dokumenty) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-02]
CHR Extension: (Disk Google) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-02]
CHR Extension: (Tabulky) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-02]
CHR Extension: (Gmail) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2018-01-11] (Autodesk, Inc. -> Autodesk Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8454552 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [365648 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [3096160 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-01] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332368 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97352 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16816 2020-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176744 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521752 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326416 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-29 08:17 - 2020-11-29 08:17 - 000022904 _____ C:\Users\manat\Desktop\FRST.txt
2020-11-28 13:51 - 2020-11-28 13:51 - 000000000 ____D C:\Users\manat\AppData\Local\D3DSCache
2020-11-28 13:51 - 2020-11-28 13:51 - 000000000 ____D C:\ProgramData\FLEXnet
2020-11-28 13:46 - 2020-11-28 13:51 - 000000000 ____D C:\Users\manat\AppData\Local\Autodesk
2020-11-28 13:46 - 2020-11-28 13:46 - 000002198 _____ C:\Users\Public\Desktop\AutoCAD 2019 – Čeština (Czech).lnk
2020-11-28 13:46 - 2020-11-28 13:46 - 000000000 ____D C:\Program Files (x86)\Autodesk
2020-11-28 13:45 - 2020-11-28 13:51 - 000000000 ____D C:\Users\manat\AppData\Roaming\Autodesk
2020-11-28 13:45 - 2020-11-28 13:45 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2020-11-28 13:44 - 2020-11-28 13:46 - 000000000 ____D C:\Program Files\Autodesk
2020-11-28 13:44 - 2020-11-28 13:45 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2020-11-28 13:43 - 2020-11-28 13:55 - 000000000 ____D C:\ProgramData\Autodesk
2020-11-28 13:42 - 2020-11-28 13:42 - 000000000 ____D C:\Users\manat\AppData\Roaming\WinRAR
2020-11-28 13:42 - 2020-11-28 13:42 - 000000000 ____D C:\Program Files\WinRAR
2020-11-28 13:41 - 2020-11-28 13:42 - 003417584 _____ C:\Users\manat\Downloads\winrar-x64-591cz.exe
2020-11-28 13:33 - 2020-11-28 13:36 - 000000000 ____D C:\AdwCleaner
2020-11-28 13:33 - 2020-11-28 13:33 - 008447152 _____ (Malwarebytes) C:\Users\manat\Downloads\adwcleaner_8.0.8.exe
2020-11-27 14:47 - 2020-11-29 08:17 - 000000000 ____D C:\FRST
2020-11-27 14:47 - 2020-11-27 14:47 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-11-27 14:47 - 2020-11-27 14:47 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-11-27 14:47 - 2020-11-27 14:47 - 000002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-11-27 14:47 - 2020-11-27 14:47 - 000000000 ____D C:\Users\manat\AppData\Local\AVAST Software
2020-11-27 14:46 - 2020-11-27 14:46 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2020-11-27 14:46 - 2020-11-27 14:46 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2020-11-27 14:46 - 2020-11-27 14:46 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2020-11-27 14:44 - 2020-11-27 14:44 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-11-27 14:44 - 2020-11-27 14:44 - 000000000 ____D C:\Users\manat\AppData\Roaming\Avast Software
2020-11-27 14:43 - 2020-11-29 08:16 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-11-27 14:43 - 2020-11-27 14:44 - 000220784 _____ (AVAST Software) C:\Users\manat\Downloads\avast_free_antivirus_setup_online (2).exe
2020-11-27 14:43 - 2020-11-27 14:43 - 002290176 _____ (Farbar) C:\Users\manat\Downloads\FRST64.exe
2020-11-27 14:43 - 2020-11-27 14:43 - 002290176 _____ (Farbar) C:\Users\manat\Desktop\FRST64.exe
2020-11-27 14:43 - 2020-11-27 14:43 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000521752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000469832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000339552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-11-27 14:43 - 2020-11-27 14:43 - 000332368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000326416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000206408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000176744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000097352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000016816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-11-27 14:43 - 2020-11-27 14:43 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-11-27 14:42 - 2020-11-27 14:48 - 000000000 ____D C:\ProgramData\Avast Software
2020-11-27 14:42 - 2020-11-27 14:42 - 000220784 _____ (AVAST Software) C:\Users\manat\Downloads\avast_free_antivirus_setup_online (1).exe
2020-11-27 14:42 - 2020-11-27 14:42 - 000000000 ____D C:\Program Files\Avast Software
2020-11-27 09:35 - 2020-11-28 13:34 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F82A5C71-8D1B-4A77-9455-5B7E4D7F95F7}
2020-11-23 19:28 - 2020-11-23 20:47 - 821810346 _____ C:\Users\manat\Downloads\Slunečná 65. Mafiánská konkubína 100%.mkv
2020-11-18 14:36 - 2020-11-18 15:35 - 638879951 _____ C:\Users\manat\Downloads\Slunečná 64 - Nepřítel na telefonu.mp4
2020-11-14 14:17 - 2020-11-24 14:20 - 000001849 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2020-11-14 14:17 - 2020-11-14 14:17 - 000000303 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2020-11-14 14:13 - 2020-11-14 15:12 - 641489258 _____ C:\Users\manat\Downloads\Slunečná 63-Návrat desperáta.mp4
2020-11-12 17:18 - 2020-11-12 17:53 - 637116328 _____ C:\Users\manat\Downloads\Slunečná 62-Studna.mp4
2020-11-11 15:22 - 2020-11-11 16:22 - 1081169649 _____ C:\Users\manat\Downloads\Slunečná 61 - Velké stěhování.mp4
2020-11-11 00:08 - 2020-11-11 00:08 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-11 00:08 - 2020-11-11 00:08 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-11 00:08 - 2020-11-11 00:08 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-11 00:08 - 2020-11-11 00:08 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-11-05 17:46 - 2020-11-05 17:46 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-11-04 14:27 - 2020-11-04 15:37 - 753142082 _____ C:\Users\manat\Downloads\Slunečná 60-Lži a intriky.mp4
2020-11-03 18:24 - 2020-11-21 06:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-03 18:24 - 2020-11-11 00:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-03 14:15 - 2020-11-03 14:15 - 000000000 ____D C:\Program Files\UNP
2020-11-03 00:31 - 2015-04-28 19:06 - 000043256 _____ C:\WINDOWS\system32\oemlogo.bmp
2020-11-03 00:30 - 2020-11-05 17:46 - 000000000 ____D C:\Windows.old
2020-11-03 00:30 - 2020-11-03 00:30 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-11-03 00:29 - 2020-11-03 00:29 - 000000000 ____D C:\WINDOWS\system32\Intel
2020-11-03 00:29 - 2020-11-03 00:29 - 000000000 ____D C:\WINDOWS\system32\cAVS
2020-11-03 00:28 - 2020-11-28 13:36 - 000000000 ____D C:\WINDOWS\Lenovo
2020-11-03 00:27 - 2020-11-03 00:27 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-11-03 00:27 - 2020-11-03 00:27 - 000000000 ____D C:\WINDOWS\Setup
2020-11-03 00:26 - 2020-11-28 13:54 - 000685020 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-03 00:26 - 2020-11-28 13:54 - 000137706 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-03 00:26 - 2020-11-03 00:26 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2020-11-03 00:26 - 2020-11-03 00:26 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\cs
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\0409
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\DigitalLocker
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\ProgramData\ssh
2020-11-03 00:26 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-11-03 00:26 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-11-03 00:26 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\OCR
2020-11-03 00:25 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-11-03 00:25 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-03 00:24 - 2020-11-28 13:54 - 000000000 ____D C:\WINDOWS\INF
2020-11-03 00:24 - 2020-11-28 13:50 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-03 00:24 - 2020-11-28 13:46 - 000000000 ___RD C:\Program Files (x86)
2020-11-03 00:24 - 2020-11-28 13:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-11-03 00:24 - 2020-11-28 13:35 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-03 00:24 - 2020-11-28 13:34 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-03 00:24 - 2020-11-27 14:44 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-03 00:24 - 2020-11-08 16:11 - 000000000 ____D C:\WINDOWS\appcompat
2020-11-03 00:24 - 2020-11-03 00:30 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-11-03 00:24 - 2020-11-03 00:30 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Com
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\Help
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 __SHD C:\Program Files\Windows Sidebar
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 __RSD C:\WINDOWS\Media
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\system32\Nui
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Web
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\WaaS
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Vss
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\tracing
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\TAPI
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SystemApps
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\winevt
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ti-et
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ta-in
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\si-lk
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ras
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\my-mm
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Keywords
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\IME
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\icsxml
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ias
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\DriverState
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\am-et
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\System
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SKB
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\schemas
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SchCache
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\security
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Resources
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\rescache
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\PLA
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Performance
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\InputMethod
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\IdentityCRL
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Globalization
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Cursors
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Containers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Branding
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\addins
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\ProgramData\USOShared
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Windows Security
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Common Files\Services
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files (x86)\Windows NT
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2020-11-03 00:24 - 2020-11-03 00:23 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2020-11-03 00:24 - 2020-11-03 00:23 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2020-11-03 00:24 - 2020-11-03 00:23 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-03 00:24 - 2020-11-03 00:23 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2020-11-03 00:24 - 2020-11-03 00:23 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2020-11-03 00:24 - 2020-11-03 00:23 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2020-11-03 00:24 - 2020-11-03 00:23 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2020-11-03 00:24 - 2020-11-03 00:23 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2020-11-03 00:24 - 2020-11-03 00:23 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2020-11-03 00:24 - 2020-11-02 16:04 - 000000000 ____D C:\WINDOWS\ServiceState
2020-11-03 00:24 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\system32\spool
2020-11-03 00:24 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-11-03 00:24 - 2020-11-02 15:41 - 000000000 ____D C:\Program Files\Windows NT
2020-11-03 00:24 - 2020-11-02 15:40 - 000000000 __RHD C:\Users\Public\Libraries
2020-11-03 00:24 - 2020-11-02 15:40 - 000000000 ____D C:\WINDOWS\Registration
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\IME
2020-11-03 00:24 - 2020-11-02 15:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-11-03 00:24 - 2020-11-02 15:36 - 000000000 ____D C:\Program Files\Common Files\System
2020-11-03 00:24 - 2020-11-02 15:36 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-11-03 00:24 - 2020-11-02 15:35 - 000000000 ____D C:\ProgramData\USOPrivate
2020-11-03 00:24 - 2020-11-02 15:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-11-03 00:24 - 2020-11-02 15:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2020-11-03 00:21 - 2020-11-28 13:49 - 098566144 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-11-03 00:21 - 2020-11-28 13:49 - 030932992 _____ C:\WINDOWS\system32\config\SYSTEM
2020-11-03 00:21 - 2020-11-28 13:49 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
2020-11-03 00:21 - 2020-11-28 13:49 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-03 00:21 - 2020-11-28 13:49 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2020-11-03 00:21 - 2020-11-28 13:49 - 000032768 _____ C:\WINDOWS\system32\config\SAM
2020-11-03 00:21 - 2020-11-27 14:44 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-11-03 00:21 - 2020-11-11 00:11 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-03 00:21 - 2020-11-03 18:24 - 000000000 ____D C:\WINDOWS\servicing
2020-11-03 00:21 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\SMI
2020-11-03 00:21 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\Panther
2020-11-02 16:04 - 2020-11-02 16:04 - 000000000 ____D C:\Users\manat\AppData\Local\Comms
2020-11-02 15:56 - 2020-11-18 17:15 - 000000000 ____D C:\WINDOWS\TempInst
2020-11-02 15:53 - 2020-11-14 14:13 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-02 15:53 - 2020-11-14 14:13 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-02 15:53 - 2020-11-02 15:56 - 000000000 ____D C:\Users\manat\AppData\Local\Google
2020-11-02 15:53 - 2020-11-02 15:53 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-02 15:53 - 2020-11-02 15:53 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-02 15:53 - 2020-11-02 15:53 - 000000000 ____D C:\Program Files\Google
2020-11-02 15:53 - 2020-11-02 15:53 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-02 15:52 - 2020-11-02 15:52 - 001317080 _____ (Google LLC) C:\Users\manat\Downloads\ChromeSetup.exe
2020-11-02 15:50 - 2020-11-28 13:36 - 000000000 ____D C:\Users\manat\AppData\Local\Lenovo
2020-11-02 15:50 - 2020-11-03 16:26 - 000000000 ____D C:\Users\manat\AppData\Local\PlaceholderTileLogoFolder
2020-11-02 15:50 - 2020-11-02 15:50 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4210255883-2599605577-1647361875-1001
2020-11-02 15:49 - 2020-11-02 15:49 - 000000000 ____D C:\Users\manat\AppData\Local\CEF
2020-11-02 15:49 - 2020-11-02 15:49 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-11-02 15:48 - 2020-11-02 16:06 - 000000000 ____D C:\ProgramData\Packages
2020-11-02 15:48 - 2020-11-02 16:05 - 000000000 ____D C:\Users\manat\AppData\Local\Publishers
2020-11-02 15:47 - 2020-11-28 13:54 - 001606102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-02 15:47 - 2020-11-03 16:27 - 000000000 ____D C:\Users\manat\AppData\Local\Intel
2020-11-02 15:47 - 2020-11-03 16:26 - 000000000 ____D C:\Users\manat\AppData\Local\ConnectedDevicesPlatform
2020-11-02 15:47 - 2020-11-03 14:15 - 000000000 ____D C:\Users\manat\AppData\Local\NVIDIA Corporation
2020-11-02 15:47 - 2020-11-02 17:48 - 000000000 ____D C:\Users\manat\AppData\Local\Packages
2020-11-02 15:47 - 2020-11-02 15:47 - 000000020 ___SH C:\Users\manat\ntuser.ini
2020-11-02 15:47 - 2020-11-02 15:47 - 000000000 ____D C:\Users\manat\AppData\Roaming\Adobe
2020-11-02 15:47 - 2020-11-02 15:47 - 000000000 ____D C:\Users\manat\AppData\Local\VirtualStore
2020-11-02 15:45 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\minidump
2020-11-02 15:41 - 2020-11-28 13:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-02 15:41 - 2020-11-14 14:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-11-02 15:41 - 2020-11-02 15:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-02 15:41 - 2020-11-02 15:41 - 000003554 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2020-11-02 15:41 - 2020-11-02 15:41 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b125465b5fd6
2020-11-02 15:41 - 2020-11-02 15:41 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4210255883-2599605577-1647361875-500
2020-11-02 15:41 - 2020-11-02 15:41 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Šablony
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Poslední
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Okolní síť
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Dokumenty
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Šablony
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Poslední
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\All Users
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Šablony
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Plocha
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Dokumenty
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Data aplikací
2020-11-02 15:41 - 2019-11-23 04:56 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-976940842-2883749116-2420433773-500
2020-11-02 15:41 - 2019-10-17 05:12 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3354727278-81800435-1074778100-500
2020-11-02 15:38 - 2020-11-11 14:15 - 000000000 ____D C:\Users\manat
2020-11-02 15:38 - 2020-11-02 15:50 - 000002376 _____ C:\Users\manat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Šablony
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Soubory cookie
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Poslední
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Okolní tiskárny
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Okolní síť
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Nabídka Start
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Dokumenty
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Documents\Obrázky
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Documents\Hudba
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Documents\Filmy
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Data aplikací
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\AppData\Local\Data aplikací
2020-11-02 15:34 - 2020-11-27 09:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-02 15:33 - 2020-11-28 13:49 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2020-11-02 15:33 - 2020-11-02 17:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-11-02 15:33 - 2020-11-02 15:51 - 000000000 ____D C:\ProgramData\Lenovo
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\ProgramData\Realtek
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\Program Files\Common Files\Dolby
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2020-11-02 15:31 - 2020-11-29 08:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-02 15:31 - 2020-11-28 13:49 - 000532656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-02 15:16 - 2020-11-03 00:31 - 000000000 ___HD C:\$SysReset
2020-11-01 17:31 - 2020-11-01 19:25 - 1201435150 _____ C:\Users\manat\Desktop\Přes prsty 2019 CZ Dabing Cesky film komedie romanticke (kkk).avi
2020-10-31 19:51 - 2020-10-31 20:34 - 766965950 _____ C:\Users\manat\Downloads\Slunečná 59-Živý nebo mrtvý.mp4
2020-10-31 18:47 - 2020-10-31 19:50 - 646329840 _____ C:\Users\manat\Downloads\Slunečná 58 (bob).mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-28 13:51 - 2019-11-23 06:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-28 13:49 - 2020-03-26 02:02 - 000000000 __SHD C:\Users\manat\IntelGraphicsProfiles
2020-11-28 13:46 - 2020-03-25 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap Photo
2020-11-28 13:46 - 2020-03-25 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2020-11-28 13:46 - 2020-03-25 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2019 – Čeština (Czech)
2020-11-28 13:46 - 2020-03-25 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2020-11-28 13:44 - 2019-11-23 06:08 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-28 13:42 - 2020-03-25 10:18 - 000000000 ____D C:\Users\manat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-28 13:42 - 2020-03-25 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-28 13:37 - 2020-03-26 02:04 - 000000000 ___RD C:\Users\manat\OneDrive
2020-11-28 13:36 - 2019-11-23 06:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\Lenovo
2020-11-28 13:36 - 2019-11-23 06:00 - 000000000 ____D C:\Program Files\Lenovo
2020-11-28 13:36 - 2019-11-23 06:00 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-11-15 16:12 - 2019-11-23 06:02 - 000000000 ____D C:\Program Files\Microsoft Office
2020-11-11 02:07 - 2020-03-26 02:02 - 000000000 ___RD C:\Users\manat\3D Objects
2020-11-11 02:07 - 2019-10-17 05:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-04 17:31 - 2020-09-16 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-11-04 17:31 - 2019-11-23 06:04 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-11-03 16:27 - 2019-11-23 06:10 - 000000000 ____D C:\ProgramData\Intel
2020-11-02 15:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-11-02 15:37 - 2019-11-23 06:20 - 000000000 ____D C:\ProgramData\McInstTemp0161681574486451
2020-11-02 15:37 - 2019-11-23 06:14 - 000000000 ____D C:\ProgramData\McInstTemp0149631574486082
2020-11-02 15:37 - 2019-11-23 06:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-11-02 15:36 - 2019-11-23 06:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-11-02 15:36 - 2019-11-23 06:11 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-11-02 15:36 - 2019-11-23 06:08 - 000000000 ____D C:\Program Files\Intel
2020-11-02 15:36 - 2019-11-23 06:02 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-11-02 15:36 - 2019-10-07 03:51 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-11-02 15:35 - 2019-11-23 06:08 - 000000000 ____D C:\DRIVER
2020-11-02 15:35 - 2019-11-23 06:03 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-11-02 15:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-11-02 15:33 - 2019-11-23 06:10 - 000000000 ___HD C:\Intel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Stene
Visitor
Posts: 236
Registered: 03 Dec 2013 19:42

Re: Ads in browsers

#7 Post by Stene »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2020
Ran by manat (29-11-2020 08:18:26)
Running from C:\Users\manat\Desktop
Windows 10 Home Version 1909 18363.1198 (X64) (2020-11-02 14:45:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4210255883-2599605577-1647361875-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4210255883-2599605577-1647361875-503 - Limited - Disabled)
Guest (S-1-5-21-4210255883-2599605577-1647361875-501 - Limited - Disabled)
manat (S-1-5-21-4210255883-2599605577-1647361875-1001 - Administrator - Enabled) => C:\Users\manat
WDAGUtilityAccount (S-1-5-21-4210255883-2599605577-1647361875-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 – Čeština (Czech) (HKLM\...\{28B89EEF-2001-0405-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-2001-0405-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 – Čeština (Czech) (HKLM\...\AutoCAD 2019 – Čeština (Czech)) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk ReCap (HKLM\...\{50EDF910-0000-1033-0102-E3D118CE2EEA}) (Version: 5.0.0.40 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 5.0.0.40 - Autodesk)
Autodesk ReCap Photo (HKLM\...\{0E4FA9C0-0000-1033-0102-1B3A7F15D307}) (Version: 19.0.0.38 - Autodesk) Hidden
Autodesk ReCap Photo (HKLM\...\Autodesk ReCap Photo) (Version: 19.0.0.38 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6938.199 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.105 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.105 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.8.78 - Autodesk)
Speciální aplikace Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2020-11-03] (Dolby Laboratories)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-28] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\e0469640.lenovoutility_3.1.18.0_x64__5grkq8ppsgwt4 [2020-11-03] (LENOVO INC) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.958.0_x64__56jybvy8sckqj [2020-11-03] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt [2020-11-14] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-11-03] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0 [2020-11-14] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-06-07] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-06-07] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\nvshext.dll [2020-07-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-14 14:16 - 2020-11-14 14:17 - 041670144 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\lenovowallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ADFB8126-6470-4FCE-AA9F-410AE2021D88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82FC8EA8-EAA6-4C96-BE48-372B1E7A598B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A0E2566-34A2-4EC4-8A2E-FD945934E1BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9F8F22A-4BAB-4877-BFF3-20861ED82755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D8261C8D-8134-4689-B5A2-6EE23B1BAB48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{995882DB-AB23-4855-AB9B-ED962B753D55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A9385B2-0FF3-4FE5-9DF0-CEA9ACC9D5EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E29AA788-E741-48FF-8A41-388C762C283B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DEDC0562-2FD4-42BB-8FFA-B24676719936}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0BEBBDEF-4C2A-4CD6-9789-B348072CCB2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C77D9DB7-3F53-439D-A521-77E8B3F5B153}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84A5FB42-674B-4885-973F-B1AB6836701D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{238BA159-7F0C-4532-ADDC-054E9138B04B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F4F9E1E-5CFB-47A2-9F81-C1540B13BB68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5190BF6-10CD-4F16-B98A-07ACD9192224}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7464599E-7DA1-4E6D-9AB1-72410A561439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B6D40FD-6A01-4548-AF94-AC9CA34571E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F68AA80-3C7E-46E1-AE90-A97471A44C43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{063A0BC7-4BF6-4F40-BB6C-462DE576C44A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB4CBE5E-C4C8-40A5-9C34-7296865CA27B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9EBE40B8-0531-4803-9FDC-A9FF171BA7B7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

08-11-2020 17:40:53 Naplánovaný kontrolní bod
19-11-2020 05:52:16 Naplánovaný kontrolní bod
27-11-2020 09:54:46 Naplánovaný kontrolní bod
28-11-2020 13:36:13 AdwCleaner_BeforeCleaning_28/11/2020_13:36:13

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/28/2020 02:07:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5024,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/28/2020 01:57:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3808,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/28/2020 01:49:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/28/2020 01:49:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (11/28/2020 02:04:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 02:02:27 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: LAPTOP-EJO9GE0M)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/28/2020 01:50:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:50:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:49:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:49:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImControllerService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:38:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:37:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================

Date: 2020-11-29 08:17:04.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-11-29 08:16:58.460
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-29 08:16:58.459
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-29 08:16:53.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.717
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.615
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.573
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO BGCN24WW 08/19/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 49%
Total physical RAM: 8072.24 MB
Available physical RAM: 4054.41 MB
Total Virtual: 9352.24 MB
Available Virtual: 4266.54 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:358.96 GB) NTFS
Drive d: (KINGSTON) (Removable) (Total:28.85 GB) (Free:3.34 GB) NTFS

\\?\Volume{cf1e6b02-72a1-4864-8a80-cf313469e317}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{15c47271-bd09-4b83-8714-0cd62d70517f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 6BE9965B)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 46C7C999)
Partition 1: (Active) - (Size=28.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Ads in browsers

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {15CAD0F2-D7E3-4E32-A02D-A556CE219608} - \Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e -> No File <==== ATTENTION
Task: {33B23D48-DB08-4E37-9594-0033FEB001E2} - \Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038 -> No File <==== ATTENTION
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {CA40B1FE-169E-4034-B44E-07F65EF3A66C} - \Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1 -> No File <==== ATTENTION
Task: {F7FC150B-1CB5-4DA9-90C3-C68516A27420} - \Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97 -> No File <==== ATTENTION
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Stene
Visitor
Posts: 236
Joined: 03 Dec 2013 19:42

Re: Ads in browsers

#9 Post by Stene »

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-11-2020
Ran by manat (30-11-2020 13:17:54) Run:1
Running from C:\Users\manat\Desktop
Loaded Profiles: manat
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {15CAD0F2-D7E3-4E32-A02D-A556CE219608} - \Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e -> No File <==== ATTENTION
Task: {33B23D48-DB08-4E37-9594-0033FEB001E2} - \Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038 -> No File <==== ATTENTION
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {CA40B1FE-169E-4034-B44E-07F65EF3A66C} - \Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1 -> No File <==== ATTENTION
Task: {F7FC150B-1CB5-4DA9-90C3-C68516A27420} - \Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97 -> No File <==== ATTENTION
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE2CC469-496B-414C-9EEE-6D6BD044CF33} => removed successfully
"HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00F08D73-6153-46E5-BF0B-B7175E33AE61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00F08D73-6153-46E5-BF0B-B7175E33AE61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15CAD0F2-D7E3-4E32-A02D-A556CE219608}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15CAD0F2-D7E3-4E32-A02D-A556CE219608}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33B23D48-DB08-4E37-9594-0033FEB001E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33B23D48-DB08-4E37-9594-0033FEB001E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A997971-2F05-4A07-BFCC-64C69AB1CDD4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A997971-2F05-4A07-BFCC-64C69AB1CDD4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8EACC801-0F5D-4523-A928-E92F0B68D7E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EACC801-0F5D-4523-A928-E92F0B68D7E2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA40B1FE-169E-4034-B44E-07F65EF3A66C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA40B1FE-169E-4034-B44E-07F65EF3A66C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7FC150B-1CB5-4DA9-90C3-C68516A27420}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7FC150B-1CB5-4DA9-90C3-C68516A27420}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC5660CA-73DD-4F1C-A95E-6AA417D47074}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC5660CA-73DD-4F1C-A95E-6AA417D47074}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF83E879-821A-42C0-AB8B-700375588F5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF83E879-821A-42C0-AB8B-700375588F5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19066238 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 12087616 B
Edge => 0 B
Chrome => 503531239 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 501671 B
systemprofile32 => 501671 B
LocalService => 546165 B
NetworkService => 546165 B
manat => 462225322 B

RecycleBin => 21413970709 B
EmptyTemp: => 20.9 GB temporary data Removed.

================================

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Ads in browsers

#10 Post by Rudy »

Deleted. Also manually delete this file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat

Stene
Visitor
Posts: 236
Joined: 03 Dec 2013 19:42

Re: Ads in browsers

#11 Post by Stene »

Done, great... Thank you :-)

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Ads in browsers

#12 Post by Rudy »

You're welcome! :)

Locked