Dobrý den,
chtěl bych požádat o kontrolu logu. Avast mi uzamkl IDP.generic do karantény, po kontrole karantény jsem zjistil, že jsou zde uzamčeny položky, které jsem si nepamatoval.
FRST log níže.
Předem mockrát děkuji za ochotu a pomoc.
P. S. SmartScreen od Windows defender mi nechtěl FRST spustit. Pokračování jsem tak povolil. Následně mi i Avast zobrazil hlášku, zdali chci povolit programu přístup do chráněné složky Desktop (kvůli texťáku s logem)
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atiesrxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\VUL\McVulCtr.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\stepa\AppData\Local\Microsoft\OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1171184 2020-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\stepa\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33620960 2022-01-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 21.245.1128.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\21.245.1128.0002"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03E383AB-197B-47AE-9A84-FB6DAB1B6D15} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {069681D9-C2CF-4B67-8C96-EF6812D96D2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B999641-312E-49AE-B92F-53863DE92739} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {0C8A1620-42A4-4EF5-AFF1-96622CC7BC47} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {10AC3968-4FB6-4C53-A42E-B626CD2317E8} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {12B60DF6-4F44-46A5-9835-4D530C0EFF9F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {1A5E9616-BA46-42BB-8AFD-21D0FC6A680B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D0D43D6-CBF1-478D-8BC3-A12B95B719CD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
Task: {1D5B880A-AB3E-4736-8776-BF0DC046C7C7} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {303C0A16-1C6C-40E5-B308-37210C671695} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1830992e-852b-4966-9187-c63a20b48c76 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {408FEE92-4714-4C2E-B070-FAE2CA9B4551} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {42DBA88A-4FC4-4EA7-ADEB-808577AAE76F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {49EA738E-D545-4F84-A503-0B1347E483CA} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {4B82195F-4664-4653-A1A1-4BB83BED120D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {60446D0E-543F-41E8-B164-D660B99846E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-10-11] (Avast Software s.r.o. -> Avast Software)
Task: {6085614B-2F24-46FE-8495-1E13D9955F07} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4696128 2021-11-18] (McAfee, LLC -> McAfee, LLC)
Task: {61B2F7B0-ED5D-4D4D-96D5-C4948CBB4EDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {754A0A7A-8548-40E2-88FA-176BE9A58F33} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1d6b123e-ffec-46c8-ab92-b4c2c209e748 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {7C6E06F8-2468-4913-836B-9845778E02BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {84A2190F-1701-493E-85B5-8772DE8A2060} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)
Task: {99A873B2-3B96-4131-B8B3-ECDF53765135} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A0B83ED7-CDE3-49CA-8E9E-A3B9D9E7D0E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64248 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {A22654D7-8CCA-454D-B95D-DF6423BE6CA2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A90D2E19-82F5-4642-B012-DF9275A27132} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {B09A8B00-7983-4334-B6A3-586ABF83EC5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE71C509-3D76-49E4-A479-366A861F49C4} - System32\Tasks\McAfee Subscription job => \\?\C:\Program Files\McAfee\NexsJobs\McSubscriptionJob.exe [3438816 2022-01-14] (McAfee, LLC -> )
Task: {D83CB9F9-EB01-4B2E-A567-D759912B1562} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9f7ab900-1811-4350-8ec2-f6a15da67cfc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {D8CE8A8C-15DC-4638-ADDF-90121FE14031} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {DB454F78-C9A9-4536-A235-65FC7D5F9792} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afe48ad9-98e7-4365-b6e1-cc00c7b8a5b0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {DC2A7E03-E963-43EC-8505-436AF6883AC1} - System32\Tasks\CCleanerSkipUAC - stepa => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD43DC0D-8792-4A71-8035-3FA365CAECC7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {DD4B41D5-A1EA-4996-8C4E-2A3207B57746} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE34C9F5-157B-4FD9-B379-61C742C6B082} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7DC3C12-AF15-4EF5-8901-1EF39A03B512} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E81B89DA-28A6-4CE7-B2DC-227827A3D2B3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {EE6E0F86-DAA1-44AD-966A-C14B03643BBE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5bc4d5ec-dc91-46e6-968d-6fe7776d401b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {FE7D933B-94EE-4A66-8530-1A8A17270C08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-14]
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default [2022-01-25]
CHR Extension: (Prezentace) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-11]
CHR Extension: (Dokumenty) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-11]
CHR Extension: (Disk Google) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-11]
CHR Extension: (YouTube) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-11]
CHR Extension: (Tabulky) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-11]
CHR Extension: (I don't care about cookies) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11]
CHR Extension: (Gmail) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [377712 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe [201472 2021-11-21] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-13] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-11-17] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-25] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\\McCSPServiceHost.exe [2671064 2021-11-12] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1257520 2021-05-03] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1678048 2021-10-28] (McAfee, LLC -> McAfee, LLC)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_1c7347b4b6a6d779\amdacpafd.sys [265528 2020-11-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\amdkmdag.sys [83123536 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-09-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 netrtp; C:\WINDOWS\System32\DRIVERS\netrtp.sys [46576 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-10-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-10-13] (WireGuard LLC -> WireGuard LLC)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-25 21:04 - 2022-01-25 21:04 - 000033863 _____ C:\Users\stepa\Desktop\FRST.txt
2022-01-25 21:04 - 2022-01-25 21:04 - 000000000 ____D C:\FRST
2022-01-25 21:00 - 2022-01-25 21:00 - 002311680 _____ (Farbar) C:\Users\stepa\Desktop\FRST64.exe
2022-01-25 20:33 - 2022-01-25 20:33 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Sony
2022-01-25 12:44 - 2022-01-25 13:06 - 000049332 _____ C:\Users\stepa\Downloads\Mezenský - Vstupní dotazník (Entrance form).xlsx
2022-01-24 23:51 - 2022-01-24 23:51 - 000000000 ____D C:\Users\stepa\AppData\Local\4kdownload.com
2022-01-24 23:11 - 2022-01-24 23:12 - 004517198 _____ C:\Users\stepa\Downloads\quiz.pptx.pdf
2022-01-24 13:20 - 2022-01-24 13:20 - 000319600 _____ C:\Users\stepa\Downloads\RISKUJ.pptx
2022-01-23 16:42 - 2022-01-25 18:27 - 000000000 ____D C:\Users\stepa\Desktop\pubquiz - výročí
2022-01-14 16:08 - 2022-01-14 16:03 - 000046576 _____ C:\WINDOWS\system32\Drivers\netrtp.sys
2022-01-14 16:04 - 2022-01-14 16:04 - 000000000 ___HD C:\$AV_ASW
2022-01-14 16:03 - 2022-01-14 16:04 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Lenovo
2022-01-14 16:03 - 2022-01-14 16:03 - 150958240 _____ (Lenovo) C:\Users\stepa\Downloads\lenovopcmanager_apps.exe
2022-01-13 20:25 - 2022-01-13 20:32 - 1059133781 _____ C:\Users\stepa\Downloads\DOD 2022.mp4
2022-01-13 18:45 - 2022-01-14 16:11 - 000000000 ____D C:\ProgramData\McInstTemp0094491642095916
2022-01-12 19:55 - 2022-01-12 19:55 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-11 23:09 - 2022-01-11 23:09 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-11 23:03 - 2022-01-11 23:03 - 000000000 ___HD C:\$WinREAgent
2022-01-11 17:34 - 2022-01-11 17:34 - 002384287 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP (1).pptx
2022-01-11 17:32 - 2022-01-11 17:32 - 002384296 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 003585970 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 000252091 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pdf
2022-01-11 17:29 - 2022-01-11 17:29 - 000051724 _____ C:\Users\stepa\Downloads\DOD_2022_JG.pptx
2022-01-10 14:00 - 2022-01-11 17:43 - 000000000 ____D C:\Users\stepa\Desktop\HRY
2022-01-10 13:06 - 2022-01-10 13:06 - 000000000 ____D C:\Users\stepa\Desktop\SPSS komplet
2022-01-10 13:03 - 2022-01-10 13:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-01-07 23:22 - 2022-01-07 23:22 - 000507148 _____ C:\Users\stepa\Desktop\2218097511.pdf
2022-01-07 23:18 - 2022-01-07 23:19 - 000000000 ____D C:\Users\stepa\Desktop\photoshop
2022-01-07 21:05 - 2022-01-07 21:05 - 010786722 _____ C:\Users\stepa\Downloads\ReplicationClassPaper_12.30.pdf
2022-01-07 20:45 - 2022-01-07 20:45 - 000098078 _____ C:\Users\stepa\Downloads\StepanMezensky.pdf
2022-01-06 16:03 - 2022-01-06 16:03 - 000094904 _____ C:\Users\stepa\Desktop\radiofee.pdf
2022-01-06 15:48 - 2022-01-06 15:48 - 000000000 ____D C:\Users\stepa\AppData\Local\LenovoServiceBridge
2022-01-05 20:17 - 2022-01-23 20:24 - 000000000 ____D C:\Users\stepa\Desktop\DOD
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ C:\Users\stepa\AppData\Local\recently-used.xbel
2022-01-04 16:36 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\Desktop\GIMP
2022-01-04 16:35 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\AppData\Local\gtk-2.0
2022-01-04 16:29 - 2022-01-04 16:29 - 017224314 _____ C:\Users\stepa\Downloads\covery_template.psd
2022-01-04 16:27 - 2022-01-04 16:41 - 000000000 ____D C:\Users\stepa\AppData\Local\babl-0.1
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\gegl-0.4
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\.cache
2022-01-04 16:25 - 2022-01-04 16:25 - 000000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.30.lnk
2022-01-04 16:23 - 2022-01-04 16:24 - 000000000 ____D C:\Program Files\GIMP 2
2022-01-04 16:22 - 2022-01-04 16:22 - 257259032 _____ (The GIMP Team ) C:\Users\stepa\Downloads\gimp-2.10.30-setup.exe
2022-01-03 15:14 - 2022-01-03 15:14 - 000069998 _____ C:\Users\stepa\Downloads\abschluss991ec8da-6f91-4904-89ba-ca3d893de719.pdf
2021-12-29 09:06 - 2021-12-29 09:06 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-29 09:06 - 2021-12-29 09:06 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-29 09:06 - 2021-12-29 09:06 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-27 16:39 - 2021-12-27 16:39 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901 (1).pdf
2021-12-27 16:37 - 2021-12-27 16:37 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901.pdf
2021-12-27 16:36 - 2021-12-27 16:36 - 000344574 _____ C:\Users\stepa\Downloads\Informacni memorandum.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-25 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-25 20:58 - 2021-10-11 00:36 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-25 20:30 - 2021-12-12 15:41 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-25 20:30 - 2021-11-29 18:39 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F95A899A-FAB6-4AA6-8240-140235E151DC}
2022-01-25 20:30 - 2021-10-12 17:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\vlc
2022-01-25 20:30 - 2021-10-12 16:59 - 000002508 _____ C:\WINDOWS\system32\Tasks\McAfee Subscription job
2022-01-25 20:30 - 2021-10-11 01:08 - 000002662 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2022-01-25 20:30 - 2021-10-11 00:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-25 20:30 - 2021-10-11 00:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-25 20:30 - 2021-10-11 00:32 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - stepa
2022-01-25 20:30 - 2021-10-11 00:26 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-25 20:30 - 2021-10-11 00:14 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-25 20:30 - 2021-10-11 00:14 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-25 20:30 - 2021-10-11 00:13 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-25 20:30 - 2021-10-10 22:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 20:30 - 2021-10-10 22:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-25 20:24 - 2021-10-10 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-25 20:02 - 2021-10-12 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-01-25 18:32 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 16:30 - 2021-10-11 00:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-25 15:34 - 2021-10-11 00:11 - 000000000 ____D C:\Users\stepa\AppData\Local\D3DSCache
2022-01-25 08:26 - 2021-10-11 00:32 - 000000000 ____D C:\Program Files\CCleaner
2022-01-25 00:18 - 2021-11-06 16:07 - 000000000 ____D C:\Users\stepa\AppData\Roaming\audacity
2022-01-24 13:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-24 11:50 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Goodix
2022-01-24 11:50 - 2021-10-05 13:03 - 000000000 ____D C:\Users\stepa\Desktop\filmy
2022-01-23 21:14 - 2021-08-29 12:22 - 000000000 ___RD C:\Users\stepa\OneDrive
2022-01-23 17:07 - 2021-10-11 00:33 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-23 11:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 21:02 - 2021-10-11 00:15 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-11 00:15 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-10 22:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-22 21:02 - 2020-11-19 08:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-20 16:16 - 2021-10-10 23:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-20 16:16 - 2019-12-07 15:41 - 000717834 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-20 16:16 - 2019-12-07 15:41 - 000144996 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-20 01:18 - 2021-10-10 23:08 - 000002392 _____ C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-19 19:05 - 2021-10-19 14:23 - 000000000 ____D C:\Users\stepa\Desktop\MiroPodcast
2022-01-19 12:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-17 16:26 - 2021-04-14 23:50 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-15 14:20 - 2021-10-11 01:05 - 000000000 ____D C:\Users\stepa\AppData\Local\CrashDumps
2022-01-14 17:04 - 2021-10-11 00:25 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-14 17:04 - 2021-10-11 00:25 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-14 16:14 - 2021-10-14 08:23 - 000000000 __RSD C:\Users\stepa\Documents\Trezory společnosti McAfee
2022-01-14 16:11 - 2021-10-13 08:34 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-14 16:11 - 2021-10-11 00:30 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-14 16:11 - 2021-10-11 00:13 - 000000000 ____D C:\Users\stepa\AppData\Local\Lenovo
2022-01-14 16:11 - 2021-10-10 23:08 - 000000000 ____D C:\Users\stepa
2022-01-14 16:11 - 2021-10-10 22:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-14 16:11 - 2021-04-14 23:58 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-01-14 16:11 - 2020-11-27 01:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-14 16:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-14 16:11 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-14 16:08 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-14 16:08 - 2021-04-14 23:57 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-01-13 01:07 - 2021-08-29 12:20 - 000064248 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-13 01:06 - 2021-08-29 12:20 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-13 01:06 - 2021-08-29 12:20 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-13 01:06 - 2021-04-14 23:49 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-12 21:26 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-12 19:55 - 2021-10-11 00:24 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Zoom
2022-01-12 19:55 - 2021-08-31 14:07 - 000001942 _____ C:\Users\stepa\Desktop\Zoom.lnk
2022-01-12 00:57 - 2021-10-10 22:54 - 000437064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-11 23:03 - 2021-10-12 23:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-11 23:02 - 2021-10-12 23:30 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 17:43 - 2021-11-30 00:22 - 000000000 ____D C:\Users\stepa\Desktop\IBM SPSS Statistics 26.0 IF006 + Crack [www.TheWindowsForum.com].rar
2022-01-07 23:29 - 2021-10-10 22:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-07 23:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-01-07 21:05 - 2021-09-05 20:55 - 000000000 ____D C:\Users\stepa\Desktop\reproduction
2021-12-29 09:06 - 2021-10-11 00:33 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-29 09:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== Files in the root of some directories ========
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ () C:\Users\stepa\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition__________________________
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2022
Ran by stepa (25-01-2022 21:05:21)
Running from C:\Users\stepa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2021-10-10 22:16:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1915851472-2192339704-3292565872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1915851472-2192339704-3292565872-503 - Limited - Disabled)
Guest (S-1-5-21-1915851472-2192339704-3292565872-501 - Limited - Disabled)
stepa (S-1-5-21-1915851472-2192339704-3292565872-1001 - Administrator - Enabled) => C:\Users\stepa
WDAGUtilityAccount (S-1-5-21-1915851472-2192339704-3292565872-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Audacity 3.1.2 (HKLM\...\Audacity_is1) (Version: 3.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
IBM SPSS Statistics 26 (HKLM-x32\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R41 - McAfee, LLC)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
OpenVPN 2.5.0-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}) (Version: 2.5.019 - OpenVPN, Inc.)
R for Windows 4.1.1 (HKLM\...\R for Windows 4.1.1_is1) (Version: 4.1.1 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 2021.09.0+351 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.663 - McAfee, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m [2021-11-25] (Advanced Micro Devices Inc.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\microsoft.av1videoextension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20602.609.0_x64__rz1tebttyb220 [2021-10-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_8.20.2269.0_x64__17mer8kcn3j54 [2021-12-22] (Mirametrix Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-25] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-24] (LENOVO INC.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt [2021-12-16] (Facebook Inc) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.4.4.0_x64__bzg06mxvgh4fa [2022-01-14] (V3TApps)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-10-11] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2021-10-11] (Fortemedia)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-23] (Spotify AB) [Startup Task]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2149.4.0_x64__cv1g1gvanyjgm [2022-01-23] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\stepa\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\stepa\Desktop\CATI NMS - Volani z domova\3. Prohlizec CATI NMS.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cati.nms-mr.com
==================== Loaded Modules (Whitelisted) =============
2021-10-11 00:53 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2021-08-29 17:08 - 2021-08-29 17:11 - 000258048 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stepa\OneDrive\Pictures\background\rainbow_texture679.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{90BE4D9A-4E6F-4330-BE0C-93E3909186B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{142092D6-A540-4409-9F1A-2789A7966AD2}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{99717A7B-5B50-4519-BC22-A7802A869230}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DAC5FF3-5D23-4BDD-8ABD-DE43F17EE517}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8522670A-572B-45B2-AD6E-E5880CD6490E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6AC4204-A446-4AF9-BC9A-8720DEA41F35}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D429E0D-5D8F-4527-92D3-A5AE1EE482BF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C4363F-E59C-4DCC-BB68-58558EFF786B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A5191A0-2AF2-4AF1-982A-2A0DAB3DC749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65643EFB-AB0A-4460-807A-AA4C96AA3545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{37EAB394-6071-4794-87A6-4EEB10700F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{A99F274E-0462-41B5-98D0-FD763D25F5D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8659AC6B-F352-4E3A-B9C1-FC7B4A820447}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F707F5AE-5FCA-4DF4-A5EB-B2C435966C4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D96B337-9D2B-4D87-A20F-296E6718A554}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2473B47C-8CE8-4060-8467-C4F26D7E7340}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34A1B26B-916D-40F6-B0E2-3B34119F00A6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53E38E1-E230-4F0E-97D5-281741C5605A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{592B3B90-4FAB-48A0-B9B0-CB4AA0EF57AD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9BD50D10-8F03-48F2-A3FE-DAD613BAD1C2}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE9D95CE-574E-4916-AF88-A4E837EC9B7C}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{736FF52B-9B7D-41D1-880C-B3A6BCEB870B}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF7113C6-8069-42AB-BC1E-9AB2D2CCEEA5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{3C4EF203-176A-4B20-9F0E-A067B4E1437E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7ABC7093-FB2C-4F24-8CA0-232C2D11B41C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4345FE25-71DA-49F3-A8F5-C58426CDBF75}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{403CB423-6789-4828-BB7B-DD65B9CA3CCA}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{6DFD9827-E1EC-4041-9E07-4B575C888527}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F75880F5-76CD-4C1C-92FD-D210A6AD9635}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A8F3D334-BD5F-4E5A-BECC-6A382A9BBE0D}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{AB3EAEC8-48C8-47CF-8E5D-0C93B51782B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{697E4AEC-3CF2-4A81-B15D-71F115F35A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{2B7C6AC8-5966-4985-93E4-2D045A8C5658}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6453AFEB-B7CE-4AF1-8286-CA4AB535BE9D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{77D54001-8B4D-4401-90DC-6F4A47B28534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{D5D6CC11-3102-4E4F-A4CD-BAAB352F88F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{B153C39B-4E59-4865-A661-21F1B3540C1C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D6C8535B-1F8A-407D-A759-7F3429C7A3FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A069091-6BCD-4B90-83A2-66450D1C6D07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B608769-3630-486F-96C9-E795EB5FD23E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02CE6CD0-C9C4-4C38-AC63-5490783C71A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{433EAD33-C14F-46A6-A192-BB3E8B27E09E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E142D2D-1AAE-4C20-8E8D-463A6E7549B3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{71BE5422-B093-4D91-9E62-4EFCDF4FCA6B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61D7766B-3011-4D69-88EE-85C2FC300C1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{6FBA622D-98D4-4864-97B1-68BB7F453502}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{E0E2ED93-C868-4DAD-86B1-AA3EFEC11E04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B8393AB-AE75-4004-891E-1A74D1FF6068}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CE7196B-CEDE-453C-8617-7EEA0EB34E7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B81FAD9E-41C4-4927-8BB4-1598E136C832}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{751534B8-14A9-4A63-877A-757D12FE5235}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA7890F8-7FD8-458E-B7EE-F155C3D6740B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44AD6A89-7DD0-48E4-9982-9298DE34FA75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DB9C9A7-0F50-4A20-9FC2-C7A24C748F21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85BB7811-2008-406A-B0F3-7148DEB8647E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{722915E1-EC29-4109-8BEE-1087C7B0E120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8A2D58-19F2-445A-999F-80986F7D7E6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1A2BAD2-651D-4524-A3DE-E7FA739F60EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AF69B7B-47AE-4404-BCAE-46DB8CBA9600}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.69 GB) (Free:253.24 GB) (53%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2022 02:20:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EpicWebHelper.exe, verze: 4.23.0.0, časové razítko: 0x61dc8e98
Název chybujícího modulu: libcef.dll, verze: 84.1.6.0, časové razítko: 0x5ed84288
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002be0e39
ID chybujícího procesu: 0x1b0c
Čas spuštění chybující aplikace: 0x01d80a12b32e2a4c
Cesta k chybující aplikaci: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
ID zprávy: ff010605-d2b4-476d-b1b4-5f528721f9a4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/14/2022 04:12:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 14 Jan 2022 15:12:00 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a2d67399-17db-4345-97d8-54dd8b84eac0
Metoda: GET(204ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/12/2022 09:25:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 12 Jan 2022 20:25:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1daf471e-8853-4cb8-abb3-7fe2cece9bfd
Metoda: GET(266ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:28 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Jan 2022 23:57:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 01b238df-4fc5-490a-ae4d-2480965e637f
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (01/25/2022 02:30:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/24/2022 11:50:14 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {479d73be-c7bf-440e-a523-e3e8c3caa1f8}, došlo k události 74.
Error: (01/23/2022 09:13:28 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error: (01/20/2022 05:19:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/20/2022 04:16:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (01/19/2022 06:04:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/19/2022 04:51:43 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.
Error: (01/19/2022 03:06:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2022-01-25 02:30:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2CF7D384-1DDC-46DE-B073-BB94151A0028}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-24 13:20:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {41671466-5836-48A6-B00A-3A5708F0C7DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-20 17:03:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {19B878C8-E97D-45A7-8D0B-ACD56EDC18C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-19 12:54:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3E3EE13-0F1A-4ADC-BF89-DA95B14F2852}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-18 01:49:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D5E24CAA-C5F7-4441-9B1F-A7E3694CA747}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-01-25 19:34:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswidsagent.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-25 12:27:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-25 12:27:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-25 12:27:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO G5CN16WW(V1.04) 02/03/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 5700U with Radeon Graphics
Percentage of memory in use: 64%
Total physical RAM: 15722.31 MB
Available physical RAM: 5587.3 MB
Total Virtual: 24938.31 MB
Available Virtual: 9859.8 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:253.24 GB) (Protected) NTFS
\\?\Volume{9e6b0568-7b8a-49ac-9a30-4b40ae471739}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{ca95f999-bea6-46fc-8c11-b2f477cb7ad0}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D29A838C)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu po uzamčení malware
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu po uzamčení malware
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedii
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu po uzamčení malware
Hezký den,
přikládám log. Skenování a čištění proběhlo bez restartu, program restart nevyžádal.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-26-2022
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2206 octets] - [26/01/2022 00:10:19]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
přikládám log. Skenování a čištění proběhlo bez restartu, program restart nevyžádal.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-26-2022
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2206 octets] - [26/01/2022 00:10:19]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu po uzamčení malware
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu po uzamčení malware
Zdravím,
níže nový log. FYI přidávám info, že mi Avast přesunul FRST do karantény, kvůli "objevení hrozby" IDP.HELU.AID15. Z kranatény jsem pro důvěruu FRST obnovil a nechal vytvořit log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022
Ran by stepa (administrator) on LAPTOP-3LMH3KRC (LENOVO 82LM) (26-01-2022 13:08:37)
Running from C:\Users\stepa\Desktop
Loaded Profiles: stepa
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atiesrxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <5>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\FnHotkeyUtility.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1171184 2020-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\stepa\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33627104 2022-01-26] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03E383AB-197B-47AE-9A84-FB6DAB1B6D15} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {05AFBB08-CC2A-4B6D-B72F-8203BD290CAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-14] (Piriform Software Ltd -> Piriform)
Task: {069681D9-C2CF-4B67-8C96-EF6812D96D2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B999641-312E-49AE-B92F-53863DE92739} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {0C8A1620-42A4-4EF5-AFF1-96622CC7BC47} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {10AC3968-4FB6-4C53-A42E-B626CD2317E8} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {12B60DF6-4F44-46A5-9835-4D530C0EFF9F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {1A5E9616-BA46-42BB-8AFD-21D0FC6A680B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D0D43D6-CBF1-478D-8BC3-A12B95B719CD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
Task: {1D5B880A-AB3E-4736-8776-BF0DC046C7C7} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {408FEE92-4714-4C2E-B070-FAE2CA9B4551} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {42DBA88A-4FC4-4EA7-ADEB-808577AAE76F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {49EA738E-D545-4F84-A503-0B1347E483CA} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {4B82195F-4664-4653-A1A1-4BB83BED120D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {4D73D4B9-7682-4111-B4E2-7069864ACC41} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c0f972c1-be4a-4e5e-9c22-b376191e66c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {5AD860EE-E0A2-4334-B509-217DA1D102AC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\22fea54b-491f-418e-ab55-48bb92b7d933 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {60446D0E-543F-41E8-B164-D660B99846E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-10-11] (Avast Software s.r.o. -> Avast Software)
Task: {6085614B-2F24-46FE-8495-1E13D9955F07} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4696128 2021-11-18] (McAfee, LLC -> McAfee, LLC)
Task: {61B2F7B0-ED5D-4D4D-96D5-C4948CBB4EDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C6E06F8-2468-4913-836B-9845778E02BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {84A2190F-1701-493E-85B5-8772DE8A2060} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)
Task: {8CBD660A-F07B-437A-B899-06A847CFE9B4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cc6440eb-4b00-4f47-a206-da8dadcfb1ed => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {94801C78-DB8B-472E-9DD6-5EE4F32CF9DE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9354252b-4ada-45db-aa98-35ac6ce727d7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {99A873B2-3B96-4131-B8B3-ECDF53765135} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A0B83ED7-CDE3-49CA-8E9E-A3B9D9E7D0E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64248 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {A22654D7-8CCA-454D-B95D-DF6423BE6CA2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A90D2E19-82F5-4642-B012-DF9275A27132} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {B09A8B00-7983-4334-B6A3-586ABF83EC5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D8CE8A8C-15DC-4638-ADDF-90121FE14031} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {DC2A7E03-E963-43EC-8505-436AF6883AC1} - System32\Tasks\CCleanerSkipUAC - stepa => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD43DC0D-8792-4A71-8035-3FA365CAECC7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {DD4B41D5-A1EA-4996-8C4E-2A3207B57746} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE34C9F5-157B-4FD9-B379-61C742C6B082} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7DC3C12-AF15-4EF5-8901-1EF39A03B512} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7B416AE-89EF-42A9-A2A8-7D75764C2DF4} - System32\Tasks\McAfee Subscription job => \\?\C:\Program Files\McAfee\NexsJobs\McSubscriptionJob.exe [3438816 2022-01-14] (McAfee, LLC -> )
Task: {FE7D933B-94EE-4A66-8530-1A8A17270C08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FECE3B00-4582-4D0E-8FEA-B33232B039AE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9b4681db-bec9-499f-a7aa-592574df435e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default [2022-01-26]
CHR Extension: (Prezentace) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-11]
CHR Extension: (Dokumenty) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-11]
CHR Extension: (Disk Google) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-11]
CHR Extension: (YouTube) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-11]
CHR Extension: (Tabulky) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-11]
CHR Extension: (I don't care about cookies) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26]
CHR Extension: (Grammarly for Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11]
CHR Extension: (Gmail) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [377712 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe [201472 2021-11-21] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-13] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-11-17] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-25] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\\McCSPServiceHost.exe [2671064 2021-11-12] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1257520 2021-05-03] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1678048 2021-10-28] (McAfee, LLC -> McAfee, LLC)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_1c7347b4b6a6d779\amdacpafd.sys [265528 2020-11-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\amdkmdag.sys [83123536 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-09-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 netrtp; C:\WINDOWS\System32\DRIVERS\netrtp.sys [46576 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-10-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-10-13] (WireGuard LLC -> WireGuard LLC)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-26 13:04 - 2022-01-26 13:08 - 000000000 ____D C:\Users\stepa\Desktop\FRST-OlderVersion
2022-01-26 00:09 - 2022-01-26 00:19 - 000000000 ____D C:\AdwCleaner
2022-01-26 00:08 - 2022-01-26 00:08 - 008540344 _____ (Malwarebytes) C:\Users\stepa\Desktop\adwcleaner_8.3.1.exe
2022-01-25 21:04 - 2022-01-26 13:09 - 000032492 _____ C:\Users\stepa\Desktop\FRST.txt
2022-01-25 21:04 - 2022-01-26 13:08 - 000000000 ____D C:\FRST
2022-01-25 21:00 - 2022-01-26 13:04 - 002311680 _____ (Farbar) C:\Users\stepa\Desktop\FRST64.exe
2022-01-25 20:33 - 2022-01-25 20:33 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Sony
2022-01-25 12:44 - 2022-01-25 13:06 - 000049332 _____ C:\Users\stepa\Downloads\Mezenský - Vstupní dotazník (Entrance form).xlsx
2022-01-24 23:51 - 2022-01-24 23:51 - 000000000 ____D C:\Users\stepa\AppData\Local\4kdownload.com
2022-01-24 23:11 - 2022-01-24 23:12 - 004517198 _____ C:\Users\stepa\Downloads\quiz.pptx.pdf
2022-01-24 13:20 - 2022-01-24 13:20 - 000319600 _____ C:\Users\stepa\Downloads\RISKUJ.pptx
2022-01-23 16:42 - 2022-01-25 18:27 - 000000000 ____D C:\Users\stepa\Desktop\pubquiz - výročí
2022-01-14 16:08 - 2022-01-14 16:03 - 000046576 _____ C:\WINDOWS\system32\Drivers\netrtp.sys
2022-01-14 16:04 - 2022-01-14 16:04 - 000000000 ___HD C:\$AV_ASW
2022-01-14 16:03 - 2022-01-14 16:04 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Lenovo
2022-01-14 16:03 - 2022-01-14 16:03 - 150958240 _____ (Lenovo) C:\Users\stepa\Downloads\lenovopcmanager_apps.exe
2022-01-13 20:25 - 2022-01-13 20:32 - 1059133781 _____ C:\Users\stepa\Downloads\DOD 2022.mp4
2022-01-12 19:55 - 2022-01-12 19:55 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-11 23:09 - 2022-01-11 23:09 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-11 23:03 - 2022-01-11 23:03 - 000000000 ___HD C:\$WinREAgent
2022-01-11 17:34 - 2022-01-11 17:34 - 002384287 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP (1).pptx
2022-01-11 17:32 - 2022-01-11 17:32 - 002384296 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 003585970 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 000252091 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pdf
2022-01-11 17:29 - 2022-01-11 17:29 - 000051724 _____ C:\Users\stepa\Downloads\DOD_2022_JG.pptx
2022-01-10 14:00 - 2022-01-11 17:43 - 000000000 ____D C:\Users\stepa\Desktop\HRY
2022-01-10 13:06 - 2022-01-10 13:06 - 000000000 ____D C:\Users\stepa\Desktop\SPSS komplet
2022-01-10 13:03 - 2022-01-10 13:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-01-07 23:22 - 2022-01-07 23:22 - 000507148 _____ C:\Users\stepa\Desktop\2218097511.pdf
2022-01-07 23:18 - 2022-01-07 23:19 - 000000000 ____D C:\Users\stepa\Desktop\photoshop
2022-01-07 21:05 - 2022-01-07 21:05 - 010786722 _____ C:\Users\stepa\Downloads\ReplicationClassPaper_12.30.pdf
2022-01-07 20:45 - 2022-01-07 20:45 - 000098078 _____ C:\Users\stepa\Downloads\StepanMezensky.pdf
2022-01-06 16:03 - 2022-01-06 16:03 - 000094904 _____ C:\Users\stepa\Desktop\radiofee.pdf
2022-01-06 15:48 - 2022-01-06 15:48 - 000000000 ____D C:\Users\stepa\AppData\Local\LenovoServiceBridge
2022-01-05 20:17 - 2022-01-23 20:24 - 000000000 ____D C:\Users\stepa\Desktop\DOD
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ C:\Users\stepa\AppData\Local\recently-used.xbel
2022-01-04 16:36 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\Desktop\GIMP
2022-01-04 16:35 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\AppData\Local\gtk-2.0
2022-01-04 16:29 - 2022-01-04 16:29 - 017224314 _____ C:\Users\stepa\Downloads\covery_template.psd
2022-01-04 16:27 - 2022-01-04 16:41 - 000000000 ____D C:\Users\stepa\AppData\Local\babl-0.1
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\gegl-0.4
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\.cache
2022-01-04 16:25 - 2022-01-04 16:25 - 000000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.30.lnk
2022-01-04 16:23 - 2022-01-04 16:24 - 000000000 ____D C:\Program Files\GIMP 2
2022-01-04 16:22 - 2022-01-04 16:22 - 257259032 _____ (The GIMP Team ) C:\Users\stepa\Downloads\gimp-2.10.30-setup.exe
2022-01-03 15:14 - 2022-01-03 15:14 - 000069998 _____ C:\Users\stepa\Downloads\abschluss991ec8da-6f91-4904-89ba-ca3d893de719.pdf
2021-12-29 09:06 - 2021-12-29 09:06 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-29 09:06 - 2021-12-29 09:06 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-29 09:06 - 2021-12-29 09:06 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-27 16:39 - 2021-12-27 16:39 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901 (1).pdf
2021-12-27 16:37 - 2021-12-27 16:37 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901.pdf
2021-12-27 16:36 - 2021-12-27 16:36 - 000344574 _____ C:\Users\stepa\Downloads\Informacni memorandum.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-26 13:07 - 2021-10-12 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-01-26 13:06 - 2021-10-11 00:32 - 000000000 ____D C:\Program Files\CCleaner
2022-01-26 13:02 - 2021-10-10 23:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-26 13:02 - 2019-12-07 15:41 - 000717834 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-26 13:02 - 2019-12-07 15:41 - 000144996 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-26 13:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-26 13:01 - 2021-11-29 18:39 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F95A899A-FAB6-4AA6-8240-140235E151DC}
2022-01-26 13:01 - 2021-10-11 00:36 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-26 13:01 - 2021-10-11 00:33 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-26 13:01 - 2021-10-11 00:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-26 13:01 - 2021-10-11 00:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-26 13:01 - 2021-10-10 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-26 13:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-26 02:25 - 2021-12-12 15:41 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-26 02:25 - 2021-10-12 16:59 - 000002508 _____ C:\WINDOWS\system32\Tasks\McAfee Subscription job
2022-01-26 02:25 - 2021-10-11 01:08 - 000002662 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2022-01-26 02:25 - 2021-10-11 00:32 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - stepa
2022-01-26 02:25 - 2021-10-11 00:26 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-26 02:25 - 2021-10-11 00:14 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-26 02:25 - 2021-10-11 00:14 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-26 02:25 - 2021-10-11 00:13 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-26 02:25 - 2021-10-10 22:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-26 02:25 - 2021-10-10 22:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-26 02:23 - 2021-10-11 00:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-26 01:24 - 2021-10-11 00:21 - 000000000 ____D C:\Users\stepa\AppData\Local\Adobe
2022-01-26 01:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-26 01:20 - 2021-10-14 08:23 - 000000000 __RSD C:\Users\stepa\Documents\Trezory společnosti McAfee
2022-01-26 01:19 - 2021-10-13 08:34 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-26 01:19 - 2021-10-11 00:30 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-26 01:19 - 2021-10-11 00:11 - 000000000 ____D C:\Users\stepa\AppData\Local\D3DSCache
2022-01-26 01:19 - 2021-10-10 22:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-26 01:19 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-26 01:19 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Goodix
2022-01-26 01:19 - 2021-08-29 12:22 - 000000000 ___RD C:\Users\stepa\OneDrive
2022-01-26 01:19 - 2020-11-27 01:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-26 01:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-26 01:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-26 01:18 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-25 20:30 - 2021-10-12 17:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\vlc
2022-01-25 00:18 - 2021-11-06 16:07 - 000000000 ____D C:\Users\stepa\AppData\Roaming\audacity
2022-01-24 11:50 - 2021-10-05 13:03 - 000000000 ____D C:\Users\stepa\Desktop\filmy
2022-01-23 11:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 21:02 - 2021-10-11 00:15 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-11 00:15 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-10 22:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-22 21:02 - 2020-11-19 08:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-20 01:18 - 2021-10-10 23:08 - 000002392 _____ C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-19 19:05 - 2021-10-19 14:23 - 000000000 ____D C:\Users\stepa\Desktop\MiroPodcast
2022-01-19 12:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-17 16:26 - 2021-04-14 23:50 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-15 14:20 - 2021-10-11 01:05 - 000000000 ____D C:\Users\stepa\AppData\Local\CrashDumps
2022-01-14 17:04 - 2021-10-11 00:25 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-14 17:04 - 2021-10-11 00:25 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-14 16:11 - 2021-10-11 00:13 - 000000000 ____D C:\Users\stepa\AppData\Local\Lenovo
2022-01-14 16:11 - 2021-10-10 23:08 - 000000000 ____D C:\Users\stepa
2022-01-14 16:11 - 2021-04-14 23:58 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-01-14 16:08 - 2021-04-14 23:57 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-01-13 01:07 - 2021-08-29 12:20 - 000064248 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-13 01:06 - 2021-08-29 12:20 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-13 01:06 - 2021-08-29 12:20 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-13 01:06 - 2021-04-14 23:49 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-12 19:55 - 2021-10-11 00:24 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Zoom
2022-01-12 19:55 - 2021-08-31 14:07 - 000001942 _____ C:\Users\stepa\Desktop\Zoom.lnk
2022-01-12 00:57 - 2021-10-10 22:54 - 000437064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-11 23:03 - 2021-10-12 23:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-11 23:02 - 2021-10-12 23:30 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 17:43 - 2021-11-30 00:22 - 000000000 ____D C:\Users\stepa\Desktop\IBM SPSS Statistics 26.0 IF006 + Crack [www.TheWindowsForum.com].rar
2022-01-07 23:29 - 2021-10-10 22:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-07 23:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-01-07 21:05 - 2021-09-05 20:55 - 000000000 ____D C:\Users\stepa\Desktop\reproduction
2021-12-29 09:06 - 2021-10-11 00:33 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-29 09:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== Files in the root of some directories ========
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ () C:\Users\stepa\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by stepa (26-01-2022 13:09:28)
Running from C:\Users\stepa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2021-10-10 22:16:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1915851472-2192339704-3292565872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1915851472-2192339704-3292565872-503 - Limited - Disabled)
Guest (S-1-5-21-1915851472-2192339704-3292565872-501 - Limited - Disabled)
stepa (S-1-5-21-1915851472-2192339704-3292565872-1001 - Administrator - Enabled) => C:\Users\stepa
WDAGUtilityAccount (S-1-5-21-1915851472-2192339704-3292565872-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Audacity 3.1.2 (HKLM\...\Audacity_is1) (Version: 3.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
IBM SPSS Statistics 26 (HKLM-x32\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R41 - McAfee, LLC)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
OpenVPN 2.5.0-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}) (Version: 2.5.019 - OpenVPN, Inc.)
R for Windows 4.1.1 (HKLM\...\R for Windows 4.1.1_is1) (Version: 4.1.1 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 2021.09.0+351 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.663 - McAfee, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m [2021-11-25] (Advanced Micro Devices Inc.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\microsoft.av1videoextension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20602.609.0_x64__rz1tebttyb220 [2021-10-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_8.20.2269.0_x64__17mer8kcn3j54 [2021-12-22] (Mirametrix Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-25] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-24] (LENOVO INC.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt [2021-12-16] (Facebook Inc) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.4.4.0_x64__bzg06mxvgh4fa [2022-01-14] (V3TApps)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-10-11] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2021-10-11] (Fortemedia)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-23] (Spotify AB) [Startup Task]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2149.4.0_x64__cv1g1gvanyjgm [2022-01-23] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\stepa\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\stepa\Desktop\CATI NMS - Volani z domova\3. Prohlizec CATI NMS.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cati.nms-mr.com
==================== Loaded Modules (Whitelisted) =============
2021-10-11 00:53 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2021-08-29 17:08 - 2021-08-29 17:11 - 000258048 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stepa\OneDrive\Pictures\background\rainbow_texture679.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{90BE4D9A-4E6F-4330-BE0C-93E3909186B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{142092D6-A540-4409-9F1A-2789A7966AD2}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{99717A7B-5B50-4519-BC22-A7802A869230}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DAC5FF3-5D23-4BDD-8ABD-DE43F17EE517}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8522670A-572B-45B2-AD6E-E5880CD6490E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6AC4204-A446-4AF9-BC9A-8720DEA41F35}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D429E0D-5D8F-4527-92D3-A5AE1EE482BF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C4363F-E59C-4DCC-BB68-58558EFF786B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A5191A0-2AF2-4AF1-982A-2A0DAB3DC749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65643EFB-AB0A-4460-807A-AA4C96AA3545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{37EAB394-6071-4794-87A6-4EEB10700F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{A99F274E-0462-41B5-98D0-FD763D25F5D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8659AC6B-F352-4E3A-B9C1-FC7B4A820447}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F707F5AE-5FCA-4DF4-A5EB-B2C435966C4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D96B337-9D2B-4D87-A20F-296E6718A554}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2473B47C-8CE8-4060-8467-C4F26D7E7340}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34A1B26B-916D-40F6-B0E2-3B34119F00A6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53E38E1-E230-4F0E-97D5-281741C5605A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{592B3B90-4FAB-48A0-B9B0-CB4AA0EF57AD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9BD50D10-8F03-48F2-A3FE-DAD613BAD1C2}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE9D95CE-574E-4916-AF88-A4E837EC9B7C}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{736FF52B-9B7D-41D1-880C-B3A6BCEB870B}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF7113C6-8069-42AB-BC1E-9AB2D2CCEEA5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{3C4EF203-176A-4B20-9F0E-A067B4E1437E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7ABC7093-FB2C-4F24-8CA0-232C2D11B41C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4345FE25-71DA-49F3-A8F5-C58426CDBF75}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{403CB423-6789-4828-BB7B-DD65B9CA3CCA}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{6DFD9827-E1EC-4041-9E07-4B575C888527}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F75880F5-76CD-4C1C-92FD-D210A6AD9635}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A8F3D334-BD5F-4E5A-BECC-6A382A9BBE0D}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{AB3EAEC8-48C8-47CF-8E5D-0C93B51782B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{697E4AEC-3CF2-4A81-B15D-71F115F35A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{2B7C6AC8-5966-4985-93E4-2D045A8C5658}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6453AFEB-B7CE-4AF1-8286-CA4AB535BE9D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{77D54001-8B4D-4401-90DC-6F4A47B28534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{D5D6CC11-3102-4E4F-A4CD-BAAB352F88F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{B153C39B-4E59-4865-A661-21F1B3540C1C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D6C8535B-1F8A-407D-A759-7F3429C7A3FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A069091-6BCD-4B90-83A2-66450D1C6D07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B608769-3630-486F-96C9-E795EB5FD23E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02CE6CD0-C9C4-4C38-AC63-5490783C71A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{433EAD33-C14F-46A6-A192-BB3E8B27E09E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E142D2D-1AAE-4C20-8E8D-463A6E7549B3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{71BE5422-B093-4D91-9E62-4EFCDF4FCA6B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61D7766B-3011-4D69-88EE-85C2FC300C1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{6FBA622D-98D4-4864-97B1-68BB7F453502}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{E0E2ED93-C868-4DAD-86B1-AA3EFEC11E04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B8393AB-AE75-4004-891E-1A74D1FF6068}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CE7196B-CEDE-453C-8617-7EEA0EB34E7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B81FAD9E-41C4-4927-8BB4-1598E136C832}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{751534B8-14A9-4A63-877A-757D12FE5235}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA7890F8-7FD8-458E-B7EE-F155C3D6740B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44AD6A89-7DD0-48E4-9982-9298DE34FA75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DB9C9A7-0F50-4A20-9FC2-C7A24C748F21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85BB7811-2008-406A-B0F3-7148DEB8647E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{722915E1-EC29-4109-8BEE-1087C7B0E120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8A2D58-19F2-445A-999F-80986F7D7E6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1A2BAD2-651D-4524-A3DE-E7FA739F60EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AF69B7B-47AE-4404-BCAE-46DB8CBA9600}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.69 GB) (Free:254.95 GB) (54%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/26/2022 01:19:25 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 26 Jan 2022 00:19:25 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0c493478-00c8-4b3e-8bd4-409d14694315
Metoda: GET(234ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/15/2022 02:20:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EpicWebHelper.exe, verze: 4.23.0.0, časové razítko: 0x61dc8e98
Název chybujícího modulu: libcef.dll, verze: 84.1.6.0, časové razítko: 0x5ed84288
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002be0e39
ID chybujícího procesu: 0x1b0c
Čas spuštění chybující aplikace: 0x01d80a12b32e2a4c
Cesta k chybující aplikaci: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
ID zprávy: ff010605-d2b4-476d-b1b4-5f528721f9a4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/14/2022 04:12:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 14 Jan 2022 15:12:00 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a2d67399-17db-4345-97d8-54dd8b84eac0
Metoda: GET(204ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/12/2022 09:25:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 12 Jan 2022 20:25:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1daf471e-8853-4cb8-abb3-7fe2cece9bfd
Metoda: GET(266ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:28 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Jan 2022 23:57:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 01b238df-4fc5-490a-ae4d-2480965e637f
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (01/26/2022 01:01:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/26/2022 01:18:31 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-3LMH3KRC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/26/2022 01:16:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/26/2022 01:16:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restartovat službu.
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2022-01-26 00:15:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5570ABCA-3F45-4AE5-BF7D-E161CF36A971}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-25 02:30:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2CF7D384-1DDC-46DE-B073-BB94151A0028}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-24 13:20:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {41671466-5836-48A6-B00A-3A5708F0C7DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-20 17:03:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {19B878C8-E97D-45A7-8D0B-ACD56EDC18C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-19 12:54:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3E3EE13-0F1A-4ADC-BF89-DA95B14F2852}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee.com\Agent\WSCLLCGlobalSign.exe that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\Platform\Core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO G5CN16WW(V1.04) 02/03/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 5700U with Radeon Graphics
Percentage of memory in use: 50%
Total physical RAM: 15722.31 MB
Available physical RAM: 7826.74 MB
Total Virtual: 24938.31 MB
Available Virtual: 13831.68 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:254.95 GB) (Protected) NTFS
\\?\Volume{9e6b0568-7b8a-49ac-9a30-4b40ae471739}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{ca95f999-bea6-46fc-8c11-b2f477cb7ad0}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D29A838C)
Partition: GPT.
==================== End of Addition.txt =======================
níže nový log. FYI přidávám info, že mi Avast přesunul FRST do karantény, kvůli "objevení hrozby" IDP.HELU.AID15. Z kranatény jsem pro důvěruu FRST obnovil a nechal vytvořit log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022
Ran by stepa (administrator) on LAPTOP-3LMH3KRC (LENOVO 82LM) (26-01-2022 13:08:37)
Running from C:\Users\stepa\Desktop
Loaded Profiles: stepa
Platform: Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atiesrxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <5>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\FnHotkeyUtility.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1171184 2020-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\stepa\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33627104 2022-01-26] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03E383AB-197B-47AE-9A84-FB6DAB1B6D15} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {05AFBB08-CC2A-4B6D-B72F-8203BD290CAA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-14] (Piriform Software Ltd -> Piriform)
Task: {069681D9-C2CF-4B67-8C96-EF6812D96D2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B999641-312E-49AE-B92F-53863DE92739} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {0C8A1620-42A4-4EF5-AFF1-96622CC7BC47} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {10AC3968-4FB6-4C53-A42E-B626CD2317E8} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {12B60DF6-4F44-46A5-9835-4D530C0EFF9F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {1A5E9616-BA46-42BB-8AFD-21D0FC6A680B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D0D43D6-CBF1-478D-8BC3-A12B95B719CD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
Task: {1D5B880A-AB3E-4736-8776-BF0DC046C7C7} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {408FEE92-4714-4C2E-B070-FAE2CA9B4551} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {42DBA88A-4FC4-4EA7-ADEB-808577AAE76F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {49EA738E-D545-4F84-A503-0B1347E483CA} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {4B82195F-4664-4653-A1A1-4BB83BED120D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {4D73D4B9-7682-4111-B4E2-7069864ACC41} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c0f972c1-be4a-4e5e-9c22-b376191e66c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {5AD860EE-E0A2-4334-B509-217DA1D102AC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\22fea54b-491f-418e-ab55-48bb92b7d933 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {60446D0E-543F-41E8-B164-D660B99846E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-10-11] (Avast Software s.r.o. -> Avast Software)
Task: {6085614B-2F24-46FE-8495-1E13D9955F07} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4696128 2021-11-18] (McAfee, LLC -> McAfee, LLC)
Task: {61B2F7B0-ED5D-4D4D-96D5-C4948CBB4EDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C6E06F8-2468-4913-836B-9845778E02BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {84A2190F-1701-493E-85B5-8772DE8A2060} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)
Task: {8CBD660A-F07B-437A-B899-06A847CFE9B4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cc6440eb-4b00-4f47-a206-da8dadcfb1ed => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {94801C78-DB8B-472E-9DD6-5EE4F32CF9DE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9354252b-4ada-45db-aa98-35ac6ce727d7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {99A873B2-3B96-4131-B8B3-ECDF53765135} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A0B83ED7-CDE3-49CA-8E9E-A3B9D9E7D0E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64248 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {A22654D7-8CCA-454D-B95D-DF6423BE6CA2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A90D2E19-82F5-4642-B012-DF9275A27132} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {B09A8B00-7983-4334-B6A3-586ABF83EC5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D8CE8A8C-15DC-4638-ADDF-90121FE14031} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {DC2A7E03-E963-43EC-8505-436AF6883AC1} - System32\Tasks\CCleanerSkipUAC - stepa => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD43DC0D-8792-4A71-8035-3FA365CAECC7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {DD4B41D5-A1EA-4996-8C4E-2A3207B57746} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE34C9F5-157B-4FD9-B379-61C742C6B082} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7DC3C12-AF15-4EF5-8901-1EF39A03B512} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7B416AE-89EF-42A9-A2A8-7D75764C2DF4} - System32\Tasks\McAfee Subscription job => \\?\C:\Program Files\McAfee\NexsJobs\McSubscriptionJob.exe [3438816 2022-01-14] (McAfee, LLC -> )
Task: {FE7D933B-94EE-4A66-8530-1A8A17270C08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FECE3B00-4582-4D0E-8FEA-B33232B039AE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9b4681db-bec9-499f-a7aa-592574df435e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-25]
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default [2022-01-26]
CHR Extension: (Prezentace) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-11]
CHR Extension: (Dokumenty) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-11]
CHR Extension: (Disk Google) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-11]
CHR Extension: (YouTube) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-11]
CHR Extension: (Tabulky) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-11]
CHR Extension: (I don't care about cookies) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-26]
CHR Extension: (Grammarly for Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11]
CHR Extension: (Gmail) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [377712 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe [201472 2021-11-21] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-13] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-11-17] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-25] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\\McCSPServiceHost.exe [2671064 2021-11-12] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1257520 2021-05-03] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1678048 2021-10-28] (McAfee, LLC -> McAfee, LLC)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_1c7347b4b6a6d779\amdacpafd.sys [265528 2020-11-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\amdkmdag.sys [83123536 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-09-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 netrtp; C:\WINDOWS\System32\DRIVERS\netrtp.sys [46576 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-10-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-10-13] (WireGuard LLC -> WireGuard LLC)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-26 13:04 - 2022-01-26 13:08 - 000000000 ____D C:\Users\stepa\Desktop\FRST-OlderVersion
2022-01-26 00:09 - 2022-01-26 00:19 - 000000000 ____D C:\AdwCleaner
2022-01-26 00:08 - 2022-01-26 00:08 - 008540344 _____ (Malwarebytes) C:\Users\stepa\Desktop\adwcleaner_8.3.1.exe
2022-01-25 21:04 - 2022-01-26 13:09 - 000032492 _____ C:\Users\stepa\Desktop\FRST.txt
2022-01-25 21:04 - 2022-01-26 13:08 - 000000000 ____D C:\FRST
2022-01-25 21:00 - 2022-01-26 13:04 - 002311680 _____ (Farbar) C:\Users\stepa\Desktop\FRST64.exe
2022-01-25 20:33 - 2022-01-25 20:33 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Sony
2022-01-25 12:44 - 2022-01-25 13:06 - 000049332 _____ C:\Users\stepa\Downloads\Mezenský - Vstupní dotazník (Entrance form).xlsx
2022-01-24 23:51 - 2022-01-24 23:51 - 000000000 ____D C:\Users\stepa\AppData\Local\4kdownload.com
2022-01-24 23:11 - 2022-01-24 23:12 - 004517198 _____ C:\Users\stepa\Downloads\quiz.pptx.pdf
2022-01-24 13:20 - 2022-01-24 13:20 - 000319600 _____ C:\Users\stepa\Downloads\RISKUJ.pptx
2022-01-23 16:42 - 2022-01-25 18:27 - 000000000 ____D C:\Users\stepa\Desktop\pubquiz - výročí
2022-01-14 16:08 - 2022-01-14 16:03 - 000046576 _____ C:\WINDOWS\system32\Drivers\netrtp.sys
2022-01-14 16:04 - 2022-01-14 16:04 - 000000000 ___HD C:\$AV_ASW
2022-01-14 16:03 - 2022-01-14 16:04 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Lenovo
2022-01-14 16:03 - 2022-01-14 16:03 - 150958240 _____ (Lenovo) C:\Users\stepa\Downloads\lenovopcmanager_apps.exe
2022-01-13 20:25 - 2022-01-13 20:32 - 1059133781 _____ C:\Users\stepa\Downloads\DOD 2022.mp4
2022-01-12 19:55 - 2022-01-12 19:55 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-11 23:09 - 2022-01-11 23:09 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-11 23:03 - 2022-01-11 23:03 - 000000000 ___HD C:\$WinREAgent
2022-01-11 17:34 - 2022-01-11 17:34 - 002384287 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP (1).pptx
2022-01-11 17:32 - 2022-01-11 17:32 - 002384296 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 003585970 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 000252091 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pdf
2022-01-11 17:29 - 2022-01-11 17:29 - 000051724 _____ C:\Users\stepa\Downloads\DOD_2022_JG.pptx
2022-01-10 14:00 - 2022-01-11 17:43 - 000000000 ____D C:\Users\stepa\Desktop\HRY
2022-01-10 13:06 - 2022-01-10 13:06 - 000000000 ____D C:\Users\stepa\Desktop\SPSS komplet
2022-01-10 13:03 - 2022-01-10 13:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-01-07 23:22 - 2022-01-07 23:22 - 000507148 _____ C:\Users\stepa\Desktop\2218097511.pdf
2022-01-07 23:18 - 2022-01-07 23:19 - 000000000 ____D C:\Users\stepa\Desktop\photoshop
2022-01-07 21:05 - 2022-01-07 21:05 - 010786722 _____ C:\Users\stepa\Downloads\ReplicationClassPaper_12.30.pdf
2022-01-07 20:45 - 2022-01-07 20:45 - 000098078 _____ C:\Users\stepa\Downloads\StepanMezensky.pdf
2022-01-06 16:03 - 2022-01-06 16:03 - 000094904 _____ C:\Users\stepa\Desktop\radiofee.pdf
2022-01-06 15:48 - 2022-01-06 15:48 - 000000000 ____D C:\Users\stepa\AppData\Local\LenovoServiceBridge
2022-01-05 20:17 - 2022-01-23 20:24 - 000000000 ____D C:\Users\stepa\Desktop\DOD
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ C:\Users\stepa\AppData\Local\recently-used.xbel
2022-01-04 16:36 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\Desktop\GIMP
2022-01-04 16:35 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\AppData\Local\gtk-2.0
2022-01-04 16:29 - 2022-01-04 16:29 - 017224314 _____ C:\Users\stepa\Downloads\covery_template.psd
2022-01-04 16:27 - 2022-01-04 16:41 - 000000000 ____D C:\Users\stepa\AppData\Local\babl-0.1
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\gegl-0.4
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\.cache
2022-01-04 16:25 - 2022-01-04 16:25 - 000000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.30.lnk
2022-01-04 16:23 - 2022-01-04 16:24 - 000000000 ____D C:\Program Files\GIMP 2
2022-01-04 16:22 - 2022-01-04 16:22 - 257259032 _____ (The GIMP Team ) C:\Users\stepa\Downloads\gimp-2.10.30-setup.exe
2022-01-03 15:14 - 2022-01-03 15:14 - 000069998 _____ C:\Users\stepa\Downloads\abschluss991ec8da-6f91-4904-89ba-ca3d893de719.pdf
2021-12-29 09:06 - 2021-12-29 09:06 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-29 09:06 - 2021-12-29 09:06 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-29 09:06 - 2021-12-29 09:06 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-27 16:39 - 2021-12-27 16:39 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901 (1).pdf
2021-12-27 16:37 - 2021-12-27 16:37 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901.pdf
2021-12-27 16:36 - 2021-12-27 16:36 - 000344574 _____ C:\Users\stepa\Downloads\Informacni memorandum.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-26 13:07 - 2021-10-12 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-01-26 13:06 - 2021-10-11 00:32 - 000000000 ____D C:\Program Files\CCleaner
2022-01-26 13:02 - 2021-10-10 23:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-26 13:02 - 2019-12-07 15:41 - 000717834 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-26 13:02 - 2019-12-07 15:41 - 000144996 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-26 13:02 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-26 13:01 - 2021-11-29 18:39 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F95A899A-FAB6-4AA6-8240-140235E151DC}
2022-01-26 13:01 - 2021-10-11 00:36 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-26 13:01 - 2021-10-11 00:33 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-26 13:01 - 2021-10-11 00:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-26 13:01 - 2021-10-11 00:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-26 13:01 - 2021-10-10 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-26 13:01 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-26 02:25 - 2021-12-12 15:41 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-26 02:25 - 2021-10-12 16:59 - 000002508 _____ C:\WINDOWS\system32\Tasks\McAfee Subscription job
2022-01-26 02:25 - 2021-10-11 01:08 - 000002662 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2022-01-26 02:25 - 2021-10-11 00:32 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - stepa
2022-01-26 02:25 - 2021-10-11 00:26 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-26 02:25 - 2021-10-11 00:14 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-26 02:25 - 2021-10-11 00:14 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-26 02:25 - 2021-10-11 00:13 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-26 02:25 - 2021-10-10 22:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-26 02:25 - 2021-10-10 22:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-26 02:23 - 2021-10-11 00:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-26 01:24 - 2021-10-11 00:21 - 000000000 ____D C:\Users\stepa\AppData\Local\Adobe
2022-01-26 01:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-26 01:20 - 2021-10-14 08:23 - 000000000 __RSD C:\Users\stepa\Documents\Trezory společnosti McAfee
2022-01-26 01:19 - 2021-10-13 08:34 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-26 01:19 - 2021-10-11 00:30 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-26 01:19 - 2021-10-11 00:11 - 000000000 ____D C:\Users\stepa\AppData\Local\D3DSCache
2022-01-26 01:19 - 2021-10-10 22:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-26 01:19 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-26 01:19 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Goodix
2022-01-26 01:19 - 2021-08-29 12:22 - 000000000 ___RD C:\Users\stepa\OneDrive
2022-01-26 01:19 - 2020-11-27 01:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-26 01:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-26 01:19 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-26 01:18 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-25 20:30 - 2021-10-12 17:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\vlc
2022-01-25 00:18 - 2021-11-06 16:07 - 000000000 ____D C:\Users\stepa\AppData\Roaming\audacity
2022-01-24 11:50 - 2021-10-05 13:03 - 000000000 ____D C:\Users\stepa\Desktop\filmy
2022-01-23 11:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 21:02 - 2021-10-11 00:15 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-11 00:15 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-10 22:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-22 21:02 - 2020-11-19 08:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-20 01:18 - 2021-10-10 23:08 - 000002392 _____ C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-19 19:05 - 2021-10-19 14:23 - 000000000 ____D C:\Users\stepa\Desktop\MiroPodcast
2022-01-19 12:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-17 16:26 - 2021-04-14 23:50 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-15 14:20 - 2021-10-11 01:05 - 000000000 ____D C:\Users\stepa\AppData\Local\CrashDumps
2022-01-14 17:04 - 2021-10-11 00:25 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-14 17:04 - 2021-10-11 00:25 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-14 16:11 - 2021-10-11 00:13 - 000000000 ____D C:\Users\stepa\AppData\Local\Lenovo
2022-01-14 16:11 - 2021-10-10 23:08 - 000000000 ____D C:\Users\stepa
2022-01-14 16:11 - 2021-04-14 23:58 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-01-14 16:08 - 2021-04-14 23:57 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-01-13 01:07 - 2021-08-29 12:20 - 000064248 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-13 01:06 - 2021-08-29 12:20 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-13 01:06 - 2021-08-29 12:20 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-13 01:06 - 2021-04-14 23:49 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-12 19:55 - 2021-10-11 00:24 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Zoom
2022-01-12 19:55 - 2021-08-31 14:07 - 000001942 _____ C:\Users\stepa\Desktop\Zoom.lnk
2022-01-12 00:57 - 2021-10-10 22:54 - 000437064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-11 23:03 - 2021-10-12 23:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-11 23:02 - 2021-10-12 23:30 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 17:43 - 2021-11-30 00:22 - 000000000 ____D C:\Users\stepa\Desktop\IBM SPSS Statistics 26.0 IF006 + Crack [www.TheWindowsForum.com].rar
2022-01-07 23:29 - 2021-10-10 22:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-07 23:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-01-07 21:05 - 2021-09-05 20:55 - 000000000 ____D C:\Users\stepa\Desktop\reproduction
2021-12-29 09:06 - 2021-10-11 00:33 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-29 09:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== Files in the root of some directories ========
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ () C:\Users\stepa\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by stepa (26-01-2022 13:09:28)
Running from C:\Users\stepa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2021-10-10 22:16:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1915851472-2192339704-3292565872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1915851472-2192339704-3292565872-503 - Limited - Disabled)
Guest (S-1-5-21-1915851472-2192339704-3292565872-501 - Limited - Disabled)
stepa (S-1-5-21-1915851472-2192339704-3292565872-1001 - Administrator - Enabled) => C:\Users\stepa
WDAGUtilityAccount (S-1-5-21-1915851472-2192339704-3292565872-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Audacity 3.1.2 (HKLM\...\Audacity_is1) (Version: 3.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.89 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
IBM SPSS Statistics 26 (HKLM-x32\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R41 - McAfee, LLC)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
OpenVPN 2.5.0-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}) (Version: 2.5.019 - OpenVPN, Inc.)
R for Windows 4.1.1 (HKLM\...\R for Windows 4.1.1_is1) (Version: 4.1.1 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 2021.09.0+351 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.663 - McAfee, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m [2021-11-25] (Advanced Micro Devices Inc.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\microsoft.av1videoextension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20602.609.0_x64__rz1tebttyb220 [2021-10-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_8.20.2269.0_x64__17mer8kcn3j54 [2021-12-22] (Mirametrix Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-25] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-24] (LENOVO INC.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt [2021-12-16] (Facebook Inc) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.4.4.0_x64__bzg06mxvgh4fa [2022-01-14] (V3TApps)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-10-11] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2021-10-11] (Fortemedia)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-23] (Spotify AB) [Startup Task]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2149.4.0_x64__cv1g1gvanyjgm [2022-01-23] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\stepa\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\stepa\Desktop\CATI NMS - Volani z domova\3. Prohlizec CATI NMS.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cati.nms-mr.com
==================== Loaded Modules (Whitelisted) =============
2021-10-11 00:53 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2021-08-29 17:08 - 2021-08-29 17:11 - 000258048 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stepa\OneDrive\Pictures\background\rainbow_texture679.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{90BE4D9A-4E6F-4330-BE0C-93E3909186B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{142092D6-A540-4409-9F1A-2789A7966AD2}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{99717A7B-5B50-4519-BC22-A7802A869230}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DAC5FF3-5D23-4BDD-8ABD-DE43F17EE517}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8522670A-572B-45B2-AD6E-E5880CD6490E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6AC4204-A446-4AF9-BC9A-8720DEA41F35}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D429E0D-5D8F-4527-92D3-A5AE1EE482BF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C4363F-E59C-4DCC-BB68-58558EFF786B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A5191A0-2AF2-4AF1-982A-2A0DAB3DC749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65643EFB-AB0A-4460-807A-AA4C96AA3545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{37EAB394-6071-4794-87A6-4EEB10700F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{A99F274E-0462-41B5-98D0-FD763D25F5D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8659AC6B-F352-4E3A-B9C1-FC7B4A820447}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F707F5AE-5FCA-4DF4-A5EB-B2C435966C4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D96B337-9D2B-4D87-A20F-296E6718A554}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2473B47C-8CE8-4060-8467-C4F26D7E7340}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34A1B26B-916D-40F6-B0E2-3B34119F00A6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53E38E1-E230-4F0E-97D5-281741C5605A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{592B3B90-4FAB-48A0-B9B0-CB4AA0EF57AD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9BD50D10-8F03-48F2-A3FE-DAD613BAD1C2}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE9D95CE-574E-4916-AF88-A4E837EC9B7C}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{736FF52B-9B7D-41D1-880C-B3A6BCEB870B}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF7113C6-8069-42AB-BC1E-9AB2D2CCEEA5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{3C4EF203-176A-4B20-9F0E-A067B4E1437E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7ABC7093-FB2C-4F24-8CA0-232C2D11B41C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4345FE25-71DA-49F3-A8F5-C58426CDBF75}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{403CB423-6789-4828-BB7B-DD65B9CA3CCA}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{6DFD9827-E1EC-4041-9E07-4B575C888527}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F75880F5-76CD-4C1C-92FD-D210A6AD9635}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A8F3D334-BD5F-4E5A-BECC-6A382A9BBE0D}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{AB3EAEC8-48C8-47CF-8E5D-0C93B51782B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{697E4AEC-3CF2-4A81-B15D-71F115F35A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{2B7C6AC8-5966-4985-93E4-2D045A8C5658}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6453AFEB-B7CE-4AF1-8286-CA4AB535BE9D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{77D54001-8B4D-4401-90DC-6F4A47B28534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{D5D6CC11-3102-4E4F-A4CD-BAAB352F88F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{B153C39B-4E59-4865-A661-21F1B3540C1C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D6C8535B-1F8A-407D-A759-7F3429C7A3FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A069091-6BCD-4B90-83A2-66450D1C6D07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B608769-3630-486F-96C9-E795EB5FD23E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02CE6CD0-C9C4-4C38-AC63-5490783C71A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{433EAD33-C14F-46A6-A192-BB3E8B27E09E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E142D2D-1AAE-4C20-8E8D-463A6E7549B3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{71BE5422-B093-4D91-9E62-4EFCDF4FCA6B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61D7766B-3011-4D69-88EE-85C2FC300C1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{6FBA622D-98D4-4864-97B1-68BB7F453502}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{E0E2ED93-C868-4DAD-86B1-AA3EFEC11E04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B8393AB-AE75-4004-891E-1A74D1FF6068}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CE7196B-CEDE-453C-8617-7EEA0EB34E7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B81FAD9E-41C4-4927-8BB4-1598E136C832}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{751534B8-14A9-4A63-877A-757D12FE5235}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA7890F8-7FD8-458E-B7EE-F155C3D6740B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44AD6A89-7DD0-48E4-9982-9298DE34FA75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DB9C9A7-0F50-4A20-9FC2-C7A24C748F21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85BB7811-2008-406A-B0F3-7148DEB8647E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{722915E1-EC29-4109-8BEE-1087C7B0E120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8A2D58-19F2-445A-999F-80986F7D7E6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1A2BAD2-651D-4524-A3DE-E7FA739F60EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AF69B7B-47AE-4404-BCAE-46DB8CBA9600}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.69 GB) (Free:254.95 GB) (54%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/26/2022 01:19:25 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 26 Jan 2022 00:19:25 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0c493478-00c8-4b3e-8bd4-409d14694315
Metoda: GET(234ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/15/2022 02:20:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EpicWebHelper.exe, verze: 4.23.0.0, časové razítko: 0x61dc8e98
Název chybujícího modulu: libcef.dll, verze: 84.1.6.0, časové razítko: 0x5ed84288
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002be0e39
ID chybujícího procesu: 0x1b0c
Čas spuštění chybující aplikace: 0x01d80a12b32e2a4c
Cesta k chybující aplikaci: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
ID zprávy: ff010605-d2b4-476d-b1b4-5f528721f9a4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/14/2022 04:12:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 14 Jan 2022 15:12:00 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a2d67399-17db-4345-97d8-54dd8b84eac0
Metoda: GET(204ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/12/2022 09:25:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 12 Jan 2022 20:25:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1daf471e-8853-4cb8-abb3-7fe2cece9bfd
Metoda: GET(266ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:28 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Jan 2022 23:57:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 01b238df-4fc5-490a-ae4d-2480965e637f
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (01/26/2022 01:01:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/26/2022 01:18:31 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-3LMH3KRC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/26/2022 01:16:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/26/2022 01:16:03 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restartovat službu.
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (01/26/2022 12:19:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2022-01-26 00:15:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5570ABCA-3F45-4AE5-BF7D-E161CF36A971}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-25 02:30:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2CF7D384-1DDC-46DE-B073-BB94151A0028}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-24 13:20:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {41671466-5836-48A6-B00A-3A5708F0C7DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-20 17:03:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {19B878C8-E97D-45A7-8D0B-ACD56EDC18C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-19 12:54:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3E3EE13-0F1A-4ADC-BF89-DA95B14F2852}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee.com\Agent\WSCLLCGlobalSign.exe that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\McAfee\Platform\Core\vtploader.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-26 01:49:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO G5CN16WW(V1.04) 02/03/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 5700U with Radeon Graphics
Percentage of memory in use: 50%
Total physical RAM: 15722.31 MB
Available physical RAM: 7826.74 MB
Total Virtual: 24938.31 MB
Available Virtual: 13831.68 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:254.95 GB) (Protected) NTFS
\\?\Volume{9e6b0568-7b8a-49ac-9a30-4b40ae471739}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{ca95f999-bea6-46fc-8c11-b2f477cb7ad0}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D29A838C)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu po uzamčení malware
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu po uzamčení malware
Fixlog zde:
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by stepa (26-01-2022 16:52:06) Run:1
Running from C:\Users\stepa\Desktop
Loaded Profiles: stepa
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{33BF268F-940E-432E-912A-CD86C00B6E6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33BF268F-940E-432E-912A-CD86C00B6E6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81B793EC-DDEA-4979-8BFB-C0391E5E70F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81B793EC-DDEA-4979-8BFB-C0391E5E70F6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8288514E-3FA6-4EA4-964A-CBE88E936203}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8288514E-3FA6-4EA4-964A-CBE88E936203}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{284E3018-91B6-4213-989F-8AF180E07044} => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61148995 B
Java, Flash, Steam htmlcache => 304955092 B
Windows/system/drivers => 5926264 B
Edge => 0 B
Chrome => 954604064 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 3145922 B
systemprofile32 => 3145922 B
LocalService => 3213158 B
NetworkService => 3247874 B
stepa => 1013325586 B
RecycleBin => 4660547427 B
EmptyTemp: => 6.5 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-01-2022 16:55:32)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 16:55:32 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by stepa (26-01-2022 16:52:06) Run:1
Running from C:\Users\stepa\Desktop
Loaded Profiles: stepa
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{33BF268F-940E-432E-912A-CD86C00B6E6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33BF268F-940E-432E-912A-CD86C00B6E6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81B793EC-DDEA-4979-8BFB-C0391E5E70F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81B793EC-DDEA-4979-8BFB-C0391E5E70F6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8288514E-3FA6-4EA4-964A-CBE88E936203}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8288514E-3FA6-4EA4-964A-CBE88E936203}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{284E3018-91B6-4213-989F-8AF180E07044} => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61148995 B
Java, Flash, Steam htmlcache => 304955092 B
Windows/system/drivers => 5926264 B
Edge => 0 B
Chrome => 954604064 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 3145922 B
systemprofile32 => 3145922 B
LocalService => 3213158 B
NetworkService => 3247874 B
stepa => 1013325586 B
RecycleBin => 4660547427 B
EmptyTemp: => 6.5 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-01-2022 16:55:32)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
==== End of Fixlog 16:55:32 ====
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu po uzamčení malware
Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o preventivní kontrolu po uzamčení malware
Mockrát Vám děkuji, za kontrolu a pomoc. Posílám příspěvek.
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivní kontrolu po uzamčení malware
Za příspěvek děkujeme a vy nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?