Please check my FRST log

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

#1 Post by mikkie »

Please check this log. My web hosting provider has blocked my domain as well, and I cannot send emails, because the PC was infected with malware. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2022 01
Ran by pavel (administrator) on LAPTOP-PM9MEU92 (LENOVO 82C5) (11-11-2022 18:19:31)
Running from C:\Users\pavel\Downloads
Loaded Profiles: pavel
Platform: Microsoft Windows 11 Pro Version 22H2 22621.674 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(BatteryWidgetAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(IdeaNotebookAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SettingsWidgetAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe <12>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEMN.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartPrivacyAddin).exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4b31d9b38e2bb506\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxextN.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.765.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1085224 2020-06-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2020-09-26] (Open-Shell) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3697029457-159368102-1774820147-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408888 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3697029457-159368102-1774820147-1001\...\Run: [MicrosoftEdgeAutoLaunch_69421C100E73D208F867737CDCAEF29D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {052FFDED-3C44-46A1-A561-E619A6928AFE} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {06AFD173-1332-42F6-B0E0-AB58CB6C3CDF} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
Task: {08A3952F-947F-4740-9BA5-A203AC9C13F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-07] (Microsoft Windows -> )
Task: {09C15BC4-56C9-4370-AF35-5F39C11F5211} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {11394320-882E-493D-A915-47CDA2DB529B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4552120 2020-01-07] (McAfee, LLC -> McAfee, LLC.)
Task: {3661BC84-5B6D-471B-9448-B0F7377EC529} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {39DD96D1-59B6-4F39-8623-C3245452476F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afac36bd-a17a-48c6-a660-f6e9779814a8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {45D6AF81-9670-42EA-9061-6FD8C76BE489} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {469E30BF-35AD-48ED-8FFD-B627139C0C82} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {5566E733-22D3-43AE-B03B-95A9D6D99ECD} - System32\Tasks\Lenovo\LenovoWelcomeLauncher => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcome.exe [1000856 2022-04-22] (Lenovo -> Lenovo Group Ltd.)
Task: {5C750098-69B7-450A-A377-6A4FAF65F9AC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D2E30FD-1736-4E4A-BCE7-BAA0B69D6A77} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {6603C45B-277F-45C4-A46F-3D8247656295} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B253275-0985-413A-9DD9-8FABA41098C1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6B4A70BA-1302-4B6A-AFF4-013FDFFDBB92} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {741030AA-5E83-4319-AED7-BD558BF5BA7E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {776BC6E4-BD44-42F5-A9F4-3A5FA8103FE3} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752200 2018-05-21] (HP Inc. -> )
Task: {8882D5C1-4244-43A6-85FE-D9AEBE99863D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\38c20316-8d46-4e89-8564-8726a359a0d2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {89506C9C-ACA3-474D-AE64-18DCEC6867BD} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8BD10BFA-3AE3-4A09-8EE0-23E2FB14C15A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8D765EF9-1CAA-4408-A0B5-6B4BDDEF757D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {A128FA74-9A2D-44F5-AC14-89C9131D5385} - System32\Tasks\Lenovo\LenovoWelcomeUninstall => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenoveWelcomeUninstall.exe [17816 2022-04-22] (Lenovo -> Lenovo Group Ltd.)
Task: {A7EFFC94-35B4-4E4A-92BA-487E9EBCE253} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308520 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9C7D034-0771-4EBA-A456-85FF23E2CDB2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-28] (Avast Software s.r.o. -> Avast Software)
Task: {ACAEBD3F-F6BC-4E2F-8682-7E1D7952D014} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0271219-A0EF-44D1-8185-1195D6771ED3} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B307C451-55E3-4070-9A73-CD75DB62A23C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B67EDCD6-6E92-4F31-B71A-40E1F1CD646F} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C7E8F51F-B5DA-49A4-BB3D-E2DEA8F5B71B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6d133329-0044-4405-8191-4238c232c1a0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C80305B5-2CC9-44E8-A475-69EB347BD26B} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CCF8F0A3-A7B6-4C21-9C27-EFF8E28CF579} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D9739048-364B-4B91-B312-18B9242D522B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {D99E8D5B-EB4B-401D-99BC-53E491B309C5} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {DE511E0E-9487-48F4-9137-4E65047A4322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\55edcbae-69f7-4e7a-8f8f-1dc10737fcfe => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0ABAA8F-2614-43AB-9226-9706021AE1E0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5e235518-e541-4864-9451-ebc62acfc187 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E5D1FF34-2108-42CB-A83A-D88EB509AD87} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308520 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBEFAAB3-99B5-474F-B4F0-F2220FF113FD} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF353EFB-67CF-4D6F-9B91-59A37ACCD93C} - System32\Tasks\Lenovo\LenovoWelcomeTask => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcomeTask.exe [1555352 2022-04-22] (Lenovo -> Lenovo Group Ltd.)
Task: {F2358D97-C112-4CAE-BFFB-08FF2B6C7315} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F61E407B-15B6-4293-95B5-422076527656} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {FB70375C-B7FF-4BD4-A205-1F1FC06F5A7E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{77d7b24a-49f5-427c-8d52-d0912ee77b5c}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{df9b84f9-e821-4f15-b89e-20891022f570}: [DhcpNameServer] 150.208.1.2

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\pavel\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-11]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=LCTE

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default [2022-11-11]
CHR Notifications: Default -> hxxps://www.bnk-as.cz; hxxps://www.discovery-japan.me; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Dokumenty Google offline) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12543912 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5026616 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1832944 2021-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2022-11-11] (Malwarebytes Inc -> Malwarebytes)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249328 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-28] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75896 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2022-11-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-11-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [527272 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380840 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85920 2020-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521128 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [997800 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [594360 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116856 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252328 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-11 18:19 - 2022-11-11 18:20 - 000035295 _____ C:\Users\pavel\Downloads\FRST.txt
2022-11-11 18:19 - 2022-11-11 18:19 - 000000000 ____D C:\FRST
2022-11-11 18:16 - 2022-11-11 18:16 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-11 18:16 - 2022-11-11 18:16 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-11 18:11 - 2022-11-11 18:11 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-11-11 18:10 - 2022-11-11 18:10 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-11-11 18:10 - 2022-11-11 18:10 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-11-11 18:10 - 2022-11-11 18:10 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-11 18:10 - 2022-11-11 18:10 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-11 18:10 - 2022-11-11 18:10 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-11-11 18:10 - 2022-11-11 18:10 - 000000000 ____D C:\Users\pavel\AppData\Local\mbam
2022-11-11 18:10 - 2022-11-11 18:10 - 000000000 ____D C:\Users\pavel\AppData\Local\Avast Software
2022-11-11 18:09 - 2022-11-11 18:09 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-11 18:09 - 2022-11-11 18:09 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-11 18:08 - 2022-11-11 18:08 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-11 18:06 - 2022-11-11 18:07 - 219256648 _____ (Malwarebytes) C:\Users\pavel\Downloads\mb4-setup-consumer-4.4.5.229-1.0.1430-1.0.44238.exe
2022-11-11 18:03 - 2022-11-11 18:03 - 002375168 _____ (Farbar) C:\Users\pavel\Downloads\FRST64.exe
2022-11-11 18:01 - 2022-11-11 18:01 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-11 18:01 - 2022-11-11 18:01 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-11 17:59 - 2022-11-11 17:59 - 000230080 _____ (AVAST Software) C:\Users\pavel\Downloads\avast_free_antivirus_setup_online-st_049u (1).exe
2022-10-28 08:08 - 2022-10-28 08:08 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000157008 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000105312 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-28 08:08 - 2022-10-28 08:08 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-28 08:07 - 2022-10-28 08:07 - 000000000 ___HD C:\$WinREAgent
2022-10-19 07:58 - 2022-11-06 19:11 - 000000000 ____D C:\Windows.old
2022-10-19 07:57 - 2022-10-19 07:58 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-10-19 07:56 - 2022-10-19 07:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-10-19 07:56 - 2022-10-19 07:56 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-10-19 07:53 - 2022-10-19 07:53 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-10-19 07:53 - 2022-10-19 07:53 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-10-19 07:50 - 2022-10-19 07:50 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-10-19 07:50 - 2022-10-19 07:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-10-19 07:50 - 2022-10-19 07:50 - 000000000 ____D C:\WINDOWS\addins
2022-10-19 07:08 - 2022-11-11 18:16 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-19 07:06 - 2022-10-19 07:06 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-10-19 07:04 - 2022-11-11 18:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-19 07:04 - 2022-11-11 18:06 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-19 07:04 - 2022-11-10 18:55 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3697029457-159368102-1774820147-1001
2022-10-19 07:04 - 2022-11-10 18:55 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697029457-159368102-1774820147-1001
2022-10-19 07:04 - 2022-11-10 06:33 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-19 07:04 - 2022-11-10 06:33 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-19 07:04 - 2022-10-19 07:04 - 000004036 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2022-10-19 07:04 - 2022-10-19 07:04 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-19 07:04 - 2022-10-19 07:04 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-19 07:04 - 2022-10-19 07:04 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-19 07:04 - 2022-10-19 07:04 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697029457-159368102-1774820147-500
2022-10-19 07:04 - 2022-10-19 07:04 - 000002726 _____ C:\WINDOWS\system32\Tasks\EPM Preload
2022-10-19 07:04 - 2022-10-19 07:04 - 000002650 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2022-10-19 07:04 - 2022-10-19 07:04 - 000000020 ___SH C:\Users\pavel\ntuser.ini
2022-10-19 07:04 - 2022-10-19 07:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-10-19 07:04 - 2022-10-19 07:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-19 07:04 - 2022-10-19 07:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-10-19 07:04 - 2020-10-20 22:43 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2454752443-609906946-3128382941-500
2022-10-19 07:04 - 2020-05-06 19:41 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3643460898-1865012685-2946422182-500
2022-10-19 07:03 - 2022-10-19 07:04 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-10-19 07:03 - 2022-10-19 07:04 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-10-19 07:00 - 2022-10-19 07:04 - 000000000 ____D C:\Users\pavel
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Šablony
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Soubory cookie
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Poslední
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Okolní tiskárny
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Okolní síť
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Nabídka Start
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Dokumenty
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Documents\Obrázky
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Documents\Hudba
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Documents\Filmy
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Data aplikací
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\AppData\Local\Data aplikací
2022-10-19 07:00 - 2022-05-07 06:19 - 000001281 _____ C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-10-19 07:00 - 2022-05-07 06:19 - 000000407 _____ C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-10-19 06:59 - 2022-11-10 18:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-19 06:59 - 2022-10-28 08:29 - 000472928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-19 06:59 - 2022-10-19 06:59 - 000000000 ____D C:\WINDOWS\system32\config\BFS

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-11 18:16 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2022-11-11 18:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-11-11 18:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-11 18:11 - 2021-01-14 17:34 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-11 18:10 - 2021-01-14 18:02 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-11 18:09 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-11 18:09 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-11 18:09 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-11 18:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-11 18:08 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-11 18:08 - 2021-02-11 16:30 - 000000000 ____D C:\Program Files\Microsoft Office
2022-11-11 18:08 - 2021-01-15 14:38 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-11-11 18:08 - 2021-01-15 14:38 - 000002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-11-11 18:08 - 2021-01-14 17:32 - 000000000 __SHD C:\Users\pavel\IntelGraphicsProfiles
2022-11-11 18:08 - 2020-10-20 22:54 - 000000000 ___HD C:\Intel
2022-11-11 18:08 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2022-11-11 18:01 - 2021-01-15 14:35 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-11-11 17:59 - 2021-01-14 17:35 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-11 17:59 - 2021-01-14 17:35 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-11 17:59 - 2020-05-06 19:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-11 17:58 - 2021-01-14 18:02 - 000000000 ____D C:\Users\pavel\AppData\Local\D3DSCache
2022-11-10 19:08 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-10 19:05 - 2022-05-07 06:17 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2022-11-10 18:55 - 2021-01-15 15:52 - 000002388 _____ C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-08 16:22 - 2021-02-11 16:24 - 000000000 ____D C:\Users\pavel\Documents\Faktury 2021
2022-11-07 06:35 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-07 06:35 - 2021-01-14 17:32 - 000000000 ____D C:\Users\pavel\AppData\Local\Packages
2022-11-06 19:09 - 2022-10-09 07:19 - 000000000 ___DC C:\WINDOWS\Panther
2022-11-06 10:33 - 2020-10-20 22:47 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-28 08:28 - 2022-05-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-28 08:27 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-28 08:21 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-28 08:21 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-28 07:57 - 2021-01-14 17:25 - 000000000 ____D C:\ProgramData\Packages
2022-10-24 04:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-10-24 04:51 - 2021-01-14 17:34 - 000000000 ____D C:\Users\pavel\AppData\Local\PlaceholderTileLogoFolder
2022-10-19 07:58 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2022-10-19 07:58 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-10-19 07:58 - 2021-06-27 06:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-10-19 07:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-10-19 07:58 - 2021-03-12 17:27 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-10-19 07:58 - 2021-02-11 16:26 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2022-10-19 07:58 - 2021-01-15 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open-Shell
2022-10-19 07:58 - 2021-01-14 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProFact
2022-10-19 07:58 - 2021-01-14 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2022-10-19 07:58 - 2021-01-14 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-10-19 07:58 - 2021-01-14 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-19 07:58 - 2020-10-20 22:53 - 000000000 ____D C:\Program Files\Intel
2022-10-19 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-10-19 07:57 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\system32\cAVS
2022-10-19 07:57 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\Lenovo
2022-10-19 07:57 - 2021-03-12 18:28 - 000000000 ____D C:\WINDOWS\twain_64
2022-10-19 07:54 - 2022-05-07 06:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2022-10-19 07:54 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2022-10-19 07:51 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2022-10-19 07:50 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-10-19 07:50 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-10-19 07:50 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2022-10-19 07:04 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows NT
2022-10-19 07:04 - 2020-05-06 19:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-19 07:03 - 2021-03-12 17:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2022-10-19 07:00 - 2021-01-14 19:18 - 000000000 ____D C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-19 06:59 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-10-19 06:59 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2022-10-19 06:15 - 2021-01-24 07:03 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-19 06:15 - 2021-01-24 07:03 - 000000000 ____D C:\WINDOWS\system32\MRT

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2022 01
Ran by pavel (11-11-2022 18:22:04)
Running from C:\Users\pavel\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.674 (X64) (2022-10-19 06:04:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3697029457-159368102-1774820147-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697029457-159368102-1774820147-503 - Limited - Disabled)
Guest (S-1-5-21-3697029457-159368102-1774820147-501 - Limited - Disabled)
pavel (S-1-5-21-3697029457-159368102-1774820147-1001 - Administrator - Enabled) => C:\Users\pavel
WDAGUtilityAccount (S-1-5-21-3697029457-159368102-1774820147-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.10.6038 - Avast Software)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1677 - Disc Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{00C43022-CFDA-4942-9D3F-04199C91C939}) (Version: 10.1.18121.8164 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome) (Version: 3.5.0.40 - Lenovo Group Ltd.)
Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft Office Home and Business 2016 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3697029457-159368102-1774820147-1001\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Open-Shell (HKLM\...\{F4B6EE58-F183-4B0D-930B-4480673C0F5B}) (Version: 4.4.160 - The Open-Shell Team)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.4.0_neutral__yxz26nhyzhsrt [2022-11-10] (Microsoft Corp.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2021-01-14] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-17] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-10-24] (LENOVO INC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-25] (Microsoft Studios) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-28] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-10-28] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-10-28] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-24] (Microsoft Corporation)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-05-04] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2021-01-14] (Realtek Semiconductor Corp)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-03-12] (Samsung Electronics Co. Ltd.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-28] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-29 17:26 - 2022-04-29 17:27 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-02-11 16:30 - 2021-02-11 16:30 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-02-11 16:30 - 2021-02-11 16:30 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-09-26 13:47 - 2020-09-26 13:47 - 000975872 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2020-09-26 13:47 - 2020-09-26 13:47 - 002659328 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2017-11-08 07:35 - 2017-11-08 07:35 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3697029457-159368102-1774820147-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-10-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3697029457-159368102-1774820147-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pavel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20210827_165449.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0E808762-20F4-4298-97F9-DEFB325A1DB3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58A082D2-9C7E-46D2-B31D-798ABFE247CB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4DF71196-CAFE-4B18-8450-9CF74918969B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{E1FC6D04-4D27-44BB-809F-63FF72D7D0AC}] => (Allow) C:\Users\pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F1E84A96-2835-4272-B789-F2C4C49CA07E}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins93AE\Setup.exe => No File
FirewallRules: [{9D7FFA98-F4EF-40E9-8002-6AC3910D2787}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsEF5E\Setup.exe => No File
FirewallRules: [{4501ECA3-9332-4115-AC19-375D5D17CD6C}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins14CF\Setup.exe => No File
FirewallRules: [{BF99C038-59BD-467B-8803-C4F4DC6BC10E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{9B315993-6829-4F06-9340-04F691CAF313}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C879CF1A-F36F-4EA9-99FA-231C546F159C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{00677690-19AC-4388-A2A2-3E1772E67C67}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1AB9199C-21E7-4A62-A8A9-7888D8936211}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsAE43\Setup.exe => No File
FirewallRules: [{29C7DFC1-77BA-465C-B466-C97D703DAA78}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7904BC92-E700-4A09-82E0-EC477ECAB239}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{19B1C46E-1701-4358-BE19-F09AE8ACD0D0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{08A74C6C-148C-4375-BE9E-7867FA8BCD96}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{4DC6D9FE-8EAB-41A8-9FB0-13832063F012}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{8AB98FF4-3678-4963-9599-8D8A7098A8A7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{D78506C3-0A53-46DC-8677-5EA802515469}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1C522C07-465F-4C3D-BA89-91DA37D23986}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{E5A3CEFA-D619-46E6-AFF5-161596D450D1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{02B2D54D-FA4B-4899-8235-E1CCB42A7CD3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{B96A2C2C-05D5-4FFE-A21F-71B57568C56A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E4E6F4B2-3F2E-49B2-B980-95BED51D660E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{B6ECF984-7760-43FE-B5C1-B993A3AFC1D8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{3B17A871-3E63-414D-9470-47FC583D6B46}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{32A3491D-DB6D-4239-9B1F-30D75F4130BE}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{315E6C53-A171-4FD5-ADEE-919B83B6021A}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E77760E4-5653-4ADF-9F02-82CD26BE65FE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6FB563F-7A9F-46F0-90C8-49B98D7FA43A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E165234-9208-4C77-B51C-CC0944EBB574}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{678C9341-966B-4A7E-9E7B-29FD96104413}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F673489C-8110-404E-B720-C371498B76A6}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{05F209F7-EB28-4FF2-9C95-93B990C017CE}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

07-11-2022 06:35:04 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/11/2022 06:22:34 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Mapi16 nebyl načten. Popis chyby: (HRESULT : 0x80004005).

Error: (11/11/2022 05:58:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2022 05:58:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1029\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1029\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1029\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (11/11/2022 06:08:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba HvHost byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (11/11/2022 06:08:06 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Služba Zabezpečení Windows se po přijetí pokynu pro vypnutí neukončila správně.

Error: (11/11/2022 06:07:56 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby UsoSvc s argumenty Není k dispozici za účelem spuštění serveru:
{9C695035-48D2-4229-8B73-4C70E756E519}

Error: (11/11/2022 05:58:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PM9MEU92)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/10/2022 06:35:09 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PM9MEU92)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/08/2022 04:09:19 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PM9MEU92)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2022 06:42:53 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: aswArPot.sys

Error: (11/07/2022 06:42:40 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.


CodeIntegrity:
===============
Date: 2022-11-11 18:20:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO DKCN53WW 05/31/2021
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 78%
Total physical RAM: 7987.24 MB
Available physical RAM: 1727.05 MB
Total Virtual: 8499.24 MB
Available Virtual: 2180.31 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:410.31 GB) (Model: WDC PC SN530 SDBPMPZ-512G-1101) NTFS

\\?\Volume{79bf316d-69d9-4015-9010-b1c6b64a0a4e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.21 GB) NTFS
\\?\Volume{9784de84-8e5d-443a-9b30-105b39b18959}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 9D75EE87)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for FRST log review

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasím)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako správce); on Win XP just run it with a double-click
click Scan now (Skenovat nyní), then Clean and Repair (Čištění a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning malware from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

mikkie
Visitor
Posts: 43
Registered: 26 Jul 2011 16:56

Re: Request for FRST log review

#3 Post by mikkie »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 14.11.22
Čas skenování: 14:03
Logovací soubor: bcdbc74e-641c-11ed-8f19-000000000000.json

-Informace o softwaru-
Verze: 4.4.5.130
Verze komponentů: 1.0.1430
Aktualizovat verzi balíku komponent: 1.0.62284
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 22621.674)
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Plánovač
Výsledek: Dokončeno
Skenované objekty: 280220
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 52 hod, 32 min, 40 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for FRST log review

#4 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {052FFDED-3C44-46A1-A561-E619A6928AFE} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {5C750098-69B7-450A-A377-6A4FAF65F9AC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {09C15BC4-56C9-4370-AF35-5F39C11F5211} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {D9739048-364B-4B91-B312-18B9242D522B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [{F1E84A96-2835-4272-B789-F2C4C49CA07E}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins93AE\Setup.exe => No File
FirewallRules: [{9D7FFA98-F4EF-40E9-8002-6AC3910D2787}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsEF5E\Setup.exe => No File
FirewallRules: [{4501ECA3-9332-4115-AC19-375D5D17CD6C}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins14CF\Setup.exe => No File
FirewallRules: [{1AB9199C-21E7-4A62-A8A9-7888D8936211}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsAE43\Setup.exe => No File

EmptyTemp:
End
Save it to C:\Users\pavel\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.