Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

ipfs.io otravuje na AVASTu.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
David2012
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 12 lis 2013 10:57

ipfs.io otravuje na AVASTu.

#1 Příspěvek od David2012 »

Máte někdo prosím zkušenosti s hláškou v Avastu ipfs.io jak je to nebezpečné případně jak to odstranit?



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2023
Ran by david (administrator) on DESKTOP-33BMKLN (LENOVO 20T8000MCK) (24-02-2023 17:52:54)
Running from C:\Users\david\Downloads
Loaded Profiles: david
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1265 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngineProcess.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.49\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\msedgewebview2.exe <6>
(C:\Users\david\AppData\Local\0install.net\implementations\sha256new_JCCQDCLOYQPYCEPZF325EEMUOXSHGMIFC42HMBHVLBFPWCTZ75KA\DeepL.exe ->) (The CefSharp Authors) [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5>
(C:\Users\david\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\david\AppData\Local\Programs\Opera\95.0.4635.37\opera_crashreporter.exe
(C:\Users\david\Downloads\FRST64.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2210.5.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PING.EXE
(DeepL SE -> DeepL SE) C:\Users\david\AppData\Local\0install.net\implementations\sha256new_JCCQDCLOYQPYCEPZF325EEMUOXSHGMIFC42HMBHVLBFPWCTZ75KA\DeepL.exe
(Discord Inc. -> Discord Inc.) C:\Users\david\AppData\Local\Discord\app-1.0.9011\Discord.exe <6>
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~4.INF\DAX3API.exe
(DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN1541~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN1541~1.INF\driver\tposd.exe
(DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\atieclxx.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <76>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(explorer.exe ->) (SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Opera Norway AS -> Opera Software) C:\Users\david\AppData\Local\Programs\Opera\opera.exe <39>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bbb0597391852f64\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.16.10262.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.16.10262.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.32.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [219032 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\Installer\setup.exe [4083104 2023-02-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2629504 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [Discord] => C:\Users\david\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [Opera Browser Assistant] => C:\Users\david\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe [108832 2023-01-04] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [MicrosoftEdgeAutoLaunch_30FCCE2722F4190AAE310221237BB02B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [AvastBrowserAutoLaunch_11B78FCBE112467C4B96E3A1DD89C487] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.177\Installer\chrmstp.exe [2023-02-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\Installer\chrmstp.exe [2023-02-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-02-27]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-06-18]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\david\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {083C88CC-4AA8-4B79-B5CE-03182A524A4D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4191128 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {13634E96-AB06-4E18-AA87-F2A8A8D5DAEF} - System32\Tasks\Opera scheduled assistant Autoupdate 1619876587 => C:\Users\david\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\david\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {15C932B4-A62E-454C-9344-3E6B3E6BD0EF} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3281388561-3768802976-1092351426-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4191128 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A831A22-AAA1-4C96-8CEE-5EAA96200682} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {1F66FE0B-E387-488F-AA25-5FC6292E8C98} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {349C515E-DC6C-48FB-B11D-1F4A7CDF9D27} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {3FC92972-366F-47E3-B9C4-9F397E35900B} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {4A9EAB31-2EB0-4746-B081-9160F2AF8B7A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\af38654e-59e3-44c6-b0a1-bdf061478bcb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {502586D8-B873-4CE9-A44A-CD322A6B13F3} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {55279B4A-7572-4A15-817F-10A5BA2DB88E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5A6248F0-DEDD-45D6-A0E9-C01D8F29DC59} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fdf33755-dad5-40eb-b71e-79e9007f1fb6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5C7F5FC1-D693-4CB6-BA92-A4E74969095B} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90832 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
Task: {6020AB7F-CFEC-480C-B58B-D930DFF3F22B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {6EBF9D12-2DB3-4CD8-A4B4-2333DE8F9C95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-10] (Google LLC -> Google LLC)
Task: {7716818B-1EDC-45F2-9ADB-BF69FC69E35B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {79C86E68-F4B9-40D3-A26C-B1A4A964BFCC} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {7B3691C3-C3EF-4A3C-9E42-B21C74BB6438} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {823A0742-9E16-4A9B-90B4-93232800594A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {85B1ADB4-CE2C-4E13-B49C-22DEA35F5BC6} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {87C27346-9DE7-47F7-9FC1-053CA0B862A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-10] (Google LLC -> Google LLC)
Task: {967F9F73-91DD-492D-B485-9297EE82D303} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {A7A7288C-C075-428B-BE07-F43901C9537B} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AA3C7C49-4758-45BD-A0F2-3371D92CC966} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {ABE0A74E-3BF2-4313-A19A-D1E722E890EB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [661408 2023-02-03] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {AD0E2488-0D3D-44CB-8E47-DEFD5C50DB83} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {B9F44538-A70B-49B7-BC0C-A316EFB7FD56} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [186568 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
Task: {BD72102D-D753-430D-ADF7-E909A454F175} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE7A9201-2CDF-4F11-9917-7FAB8E56268B} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bbb0597391852f64\RtkAudUService64.exe [3495904 2022-05-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CB4A7E19-885A-421D-9C25-5B77B7A8FB3F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168920 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CD4201B3-7541-4B92-AB1B-148540214266} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {D625C769-7EE6-447F-8825-3AB2AF6F2C83} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {D6D27CF2-7DD7-490F-83E4-BD2A93758025} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-02-16] (Avast Software s.r.o. -> Avast Software)
Task: {D8DF72C8-7EE5-42E5-87F5-D755383F11F5} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DA39A14D-D946-4680-BF98-A3372A4058E3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DB8250BA-FFE3-4406-AEA7-2747A00AC044} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFDA188D-7618-4E4B-A0F6-CA20F79F0B90} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {EB3C657D-FF6F-4FB5-8112-F4F5457D7A85} - System32\Tasks\Opera scheduled Autoupdate 1619876583 => C:\Users\david\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
Task: {EC2AB8F6-FEE7-4145-8558-FEB3000D96E2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cc3d3e3-f829-418d-ab07-c1231bda7d2c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F003956C-3449-41D6-901D-1B542FFFF832} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F337DE39-3F21-42F3-ADCF-27773243D30C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4867992 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {F6E20DB6-7937-4969-8281-48929B6D5F6B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8464EBF-3FB6-4236-8983-FF742FA9811A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7adfb55d-330b-4403-9a87-ce47aa6f2a16 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{9bf49c9e-bc3d-4518-9f8d-f5bfeda68eac}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{AE4417C4-ABC4-4ED2-95B8-68EABA0A4BAB}: [NameServer] 10.0.0.1 8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-24]
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Math Wallet) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\afbcbjpbpfadlkmhmclhkeeodmamcflc [2022-10-24]
Edge Extension: (SSHGate ssh client and terminal emulator) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akjclknoaegmfejdhkncppnmjemkohdg [2022-10-24]
Edge Extension: (Yoroi) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akoiaibnepcedcplijmiamnaigbepmcb [2023-02-15]
Edge Extension: (MetaMask) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejbalbakoplchlghecdalmeeeajnimhm [2023-02-24]
Edge Extension: (Talisman - Polkadot Wallet) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fijngjgcjhjmmpcmkeiomlglpeiijkld [2023-02-11]
Edge Extension: (polkadot{.js} extension) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-12]
Edge Extension: (IPFS Companion) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nibjojkomfdiaoajekhjakgkdhaomnch [2023-02-24]
Edge Extension: (MetaMask) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-02-24]

FireFox:
========
FF DefaultProfile: c5nmaa40.default
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\c5nmaa40.default [2022-06-26]
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\msko3mo7.default-release [2023-02-17]
FF Extension: (polkadot extension) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\msko3mo7.default-release\Extensions\{7e3ce1f0-15fb-4fb1-99c6-25774749ec6d}.xpi [2022-06-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\david\AppData\Local\Google\Chrome\User Data\Default [2023-02-24]
CHR Notifications: Default -> hxxps://captchacoolnow.top; hxxps://twitter.com; hxxps://www.distrelec.cz; hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Math Wallet) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbcbjpbpfadlkmhmclhkeeodmamcflc [2022-10-20]
CHR Extension: (SSHGate ssh client and terminal emulator) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjclknoaegmfejdhkncppnmjemkohdg [2022-10-20]
CHR Extension: (Easy Viewer) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\anjoggeimnldigfcihcggejncophmhjc [2021-02-10]
CHR Extension: (Yoroi) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2023-02-14]
CHR Extension: (Talisman - Polkadot Wallet) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijngjgcjhjmmpcmkeiomlglpeiijkld [2023-02-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2023-02-22]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2021-02-10]
CHR Extension: (Parallel wallet) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkgjmpfammbgejcpedggoefddacbdia [2022-12-05]
CHR Extension: (polkadot{.js} extension) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-18]
CHR Extension: (IPFS Companion) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nibjojkomfdiaoajekhjakgkdhaomnch [2023-02-23]
CHR Extension: (MetaMask) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (NACL Web Plug-in) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdcmagkbhnjpjlnpibbmggikpedpilc [2021-02-10]
CHR Profile: C:\Users\david\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-15]

Opera:
=======
OPR Profile: C:\Users\david\AppData\Roaming\Opera Software\Opera Stable [2023-02-24]
OPR Notifications: Opera Stable -> hxxps://www.youtube.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-03]
OPR Extension: (Opera Coupons | kupóny a slevové kódy) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\eplcjggklbefnipglcfdfalbbjpmkbkl [2023-02-15]
OPR Extension: (Opera Wallet) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-15]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-21]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2022-01-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8603544 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576408 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [575896 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\elevation_service.exe [1824504 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12554240 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe [2305576 2021-12-08] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncHelper.exe [3486640 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [437680 2022-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmsvc.exe [850936 2022-11-24] (Lenovo -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LITSSvc.exe [1260488 2023-01-17] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\LPlatSvc.exe [906232 2022-11-24] (Lenovo -> Lenovo)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.033.0212.0001\OneDriveUpdaterService.exe [3867032 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249328 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15162168 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\TPHKLOAD.exe [492280 2022-12-06] (Lenovo -> Lenovo Group Limited)
R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72912 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137600 2023-02-15] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\amdkmdag.sys [80559984 2022-01-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31392 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [231800 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391264 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297848 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95928 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39600 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268448 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556080 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105216 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80392 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852016 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [696016 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319016 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-10-20] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-10-20] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmdrv.sys [53240 2022-11-24] (Lenovo -> Lenovo)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\pmdrvs.sys [38904 2022-11-24] (Lenovo -> Lenovo)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-24 17:32 - 2023-02-24 17:34 - 000056310 _____ C:\Users\david\Downloads\Addition.txt
2023-02-24 17:31 - 2023-02-24 17:53 - 000043298 _____ C:\Users\david\Downloads\FRST.txt
2023-02-24 17:31 - 2023-02-24 17:53 - 000000000 ____D C:\FRST
2023-02-24 17:30 - 2023-02-24 17:30 - 002378752 _____ (Farbar) C:\Users\david\Downloads\FRST64.exe
2023-02-23 11:57 - 2023-02-23 11:57 - 003811999 _____ C:\Users\david\Downloads\Skener_20230223 (2).pdf
2023-02-21 08:39 - 2023-01-17 09:42 - 001260488 _____ (Lenovo.) C:\WINDOWS\system32\LITSSvc.exe
2023-02-20 18:50 - 2023-02-20 18:50 - 000063672 _____ C:\Users\david\Downloads\Vyúčtování ze smlouvy číslo 0053362419.pdf
2023-02-20 13:47 - 2023-02-20 14:27 - 733990912 _____ C:\Users\david\Downloads\Dabelsky vas 1968 DVDRip XviD czdub.avi
2023-02-19 14:01 - 2023-02-19 14:01 - 000692356 _____ C:\WINDOWS\system32\perfh005.dat
2023-02-19 14:01 - 2023-02-19 14:01 - 000143226 _____ C:\WINDOWS\system32\perfc005.dat
2023-02-19 13:55 - 2023-02-19 13:55 - 000000000 ___HD C:\avast! sandbox
2023-02-16 08:04 - 2023-02-20 18:35 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-02-16 08:04 - 2023-02-20 18:35 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-02-16 08:03 - 2023-02-16 08:03 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2023-02-16 08:03 - 2023-02-16 08:03 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2023-02-16 08:02 - 2023-02-16 08:04 - 000000000 ____D C:\Users\david\AppData\Local\Avast Software
2023-02-16 08:02 - 2023-02-16 08:02 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2023-02-16 08:02 - 2023-02-16 08:02 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2023-02-16 08:02 - 2023-02-16 08:02 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2023-02-16 08:01 - 2023-02-16 08:01 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2023-02-16 08:01 - 2023-02-16 08:01 - 000002159 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2023-02-16 08:01 - 2023-02-16 08:01 - 000000000 ____D C:\Users\david\AppData\Roaming\Avast Software
2023-02-16 08:00 - 2023-02-24 09:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-02-16 08:00 - 2023-02-23 07:49 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-02-16 08:00 - 2023-02-16 08:00 - 000288664 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-02-16 08:00 - 2023-02-16 08:00 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-02-16 07:59 - 2023-02-19 13:54 - 000000000 ____D C:\ProgramData\Avast Software
2023-02-16 07:59 - 2023-02-16 07:59 - 000000000 ____D C:\Program Files\Avast Software
2023-02-16 07:58 - 2023-02-16 07:58 - 000263000 _____ (AVAST Software) C:\Users\david\Downloads\avast_free_antivirus_setup_online.exe
2023-02-15 18:50 - 2023-02-15 18:50 - 000000000 ___HD C:\$WinREAgent
2023-02-11 11:16 - 2023-02-11 12:45 - 1651495010 _____ C:\Users\david\Downloads\Občan Kane - Citizen Kane CZ tit.avi
2023-02-06 12:33 - 2023-02-06 12:33 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_hidtelephony_02_15_00.Wdf
2023-02-05 08:40 - 2023-02-05 09:34 - 1003412581 _____ C:\Users\david\Downloads\Born to Be Bad (1934)[ktrip].mkv
2023-02-05 00:31 - 2023-02-05 08:03 - 787065153 _____ C:\Users\david\Downloads\It's a Wonderful World 1939.mp4
2023-02-03 20:06 - 2023-02-04 10:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-01 13:15 - 2023-02-01 13:15 - 001243519 _____ C:\Users\david\Downloads\Technické podklady Nuvola 3 Comfort, Nuvola 3 B40_
2023-02-01 13:03 - 2023-02-01 13:03 - 004288634 _____ C:\Users\david\Downloads\pt32gst-cz-v1203-2020.indd.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-24 17:54 - 2021-08-15 13:56 - 000000000 ____D C:\Users\david\AppData\Local\Discord
2023-02-24 17:49 - 2021-08-15 13:56 - 000000000 ____D C:\Users\david\AppData\Roaming\discord
2023-02-24 17:27 - 2021-02-10 11:41 - 000000000 ____D C:\Users\david\AppData\Local\D3DSCache
2023-02-24 17:05 - 2021-02-10 12:04 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-24 16:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-02-24 16:47 - 2022-10-20 09:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-24 16:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-02-24 13:06 - 2021-03-18 08:32 - 000000000 ____D C:\Users\david\AppData\LocalLow\Mozilla
2023-02-24 12:02 - 2020-12-20 02:39 - 000000000 ____D C:\ProgramData\Goodix
2023-02-24 10:39 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-24 10:39 - 2021-02-10 11:41 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2023-02-24 10:38 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-24 09:35 - 2022-10-20 09:57 - 000003768 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1619876587
2023-02-24 09:35 - 2022-10-20 09:57 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-24 09:35 - 2022-10-20 09:57 - 000003514 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1619876583
2023-02-24 09:35 - 2022-10-20 09:57 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-02-24 09:35 - 2022-10-20 09:57 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-24 09:35 - 2022-10-20 09:57 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-02-24 09:35 - 2022-10-20 09:57 - 000003070 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3281388561-3768802976-1092351426-1001
2023-02-24 09:35 - 2022-10-20 09:57 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-02-24 09:35 - 2022-10-20 09:57 - 000002452 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2023-02-23 18:59 - 2020-12-20 02:35 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-23 15:07 - 2021-09-13 18:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-02-23 15:07 - 2021-02-10 12:40 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-23 15:07 - 2021-02-10 11:42 - 000000000 ___RD C:\Users\david\OneDrive
2023-02-22 21:05 - 2021-02-10 12:04 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-22 21:05 - 2021-02-10 12:04 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-02-21 16:28 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-02-21 08:39 - 2022-03-16 22:19 - 000000000 ____D C:\WINDOWS\system32\icmsg
2023-02-21 08:39 - 2020-12-20 02:40 - 000000000 ____D C:\WINDOWS\TempInst
2023-02-20 17:03 - 2021-05-01 14:43 - 000001416 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-02-19 19:52 - 2020-12-20 02:34 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-19 19:52 - 2020-12-20 02:34 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-02-19 14:01 - 2022-10-20 10:02 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-19 13:54 - 2022-10-20 09:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-19 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-19 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-19 13:54 - 2021-02-10 12:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-02-19 13:54 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2023-02-19 13:53 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-16 08:00 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-16 03:01 - 2022-10-20 09:52 - 000471152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-16 03:00 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 19:00 - 2021-02-14 10:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 18:58 - 2021-02-14 06:58 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 18:53 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 18:52 - 2022-10-20 09:54 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 07:26 - 2020-05-06 19:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-07 02:44 - 2022-10-20 09:53 - 000000000 ____D C:\Users\david
2023-02-04 10:09 - 2022-10-20 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-02-04 10:09 - 2022-06-26 14:06 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-04 10:09 - 2022-06-26 14:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-31 22:58 - 2021-12-03 10:07 - 000000000 ____D C:\Users\david\AppData\Roaming\Ledger Live
2023-01-31 22:51 - 2021-12-03 10:07 - 000000000 ____D C:\Program Files\Ledger Live
2023-01-27 09:34 - 2021-02-10 13:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-25 13:19 - 2021-02-27 13:19 - 000000000 ____D C:\Users\david\AppData\Roaming\TREZOR Bridge





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2023
Ran by david (24-02-2023 17:32:57)
Running from C:\Users\david\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.1265 (X64) (2022-10-20 08:57:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3281388561-3768802976-1092351426-500 - Administrator - Disabled)
david (S-1-5-21-3281388561-3768802976-1092351426-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-3281388561-3768802976-1092351426-503 - Limited - Disabled)
Guest (S-1-5-21-3281388561-3768802976-1092351426-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3281388561-3768802976-1092351426-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.1.6049 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 110.0.20215.104 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
balenaEtcher 1.7.8 (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.7.8 - Balena Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1090 - AB Team, d.o.o.)
DeepL (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - )
Discord (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Exodus (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\exodus) (Version: 21.4.12 - Exodus Movement Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.177 - Google LLC)
IPFS Desktop 0.20.4 (HKLM\...\033dffdc-028b-55d6-9442-9e386fe5b76e) (Version: 0.20.4 - Protocol Labs, Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Ledger Live 2.52.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.52.0 - Ledger Live Team)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.16026.20200 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.033.0212.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM\...\{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM\...\{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 109.0.1 (x64 cs)) (Version: 109.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 95.0.4635.46 (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Opera 95.0.4635.46) (Version: 95.0.4635.46 - Opera Software)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Telegram Desktop version 3.7.3 (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC)
Trezor Suite 23.1.1 (HKLM\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 23.1.1 - SatoshiLabs)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Wasabi Wallet (HKLM\...\{FFC1B29A-A111-47CF-BEF6-9A26DB0BF959}) (Version: 1.1.12.5 - zkSNACKs)
Zoom (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\ZoomUMX) (Version: 5.8.3 (1581) - Zoom Video Communications, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-04-05] (Advanced Micro Devices Inc.) [Startup Task]
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-17] (Microsoft Corp.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.30201.210.0_x64__rz1tebttyb220 [2022-10-20] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-11] (Microsoft Corporation)
ELAN Touchpad for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadforThinkpad_24.121.15.0_x64__stws0m115j6hg [2023-01-24] (ELAN Microelectronics Corporation)
ELAN TrackPoint for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTrackPointforThinkpa_24.121.18.0_x64__stws0m115j6hg [2023-01-24] (ELAN Microelectronics Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_9.28.496.0_x64__17mer8kcn3j54 [2023-01-27] (Mirametrix Inc.) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-21] (LENOVO INC.)
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.16.0_x64__8wekyb3d8bbwe [2023-02-02] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-10-22] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-25] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-20] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-01-13] (ms-resource:ProductPublisherDisplayName)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2023-01-24] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3281388561-3768802976-1092351426-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\david\AppData\Local\0install.net\implementations\sha256new_JCCQDCLOYQPYCEPZF325EEMUOXSHGMIFC42HMBHVLBFPWCTZ75KA\DeepL.exe (DeepL SE -> DeepL SE)
CustomCLSID: HKU\S-1-5-21-3281388561-3768802976-1092351426-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Easy Viewer.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc
ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\NACL Web Plug-in.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=pbdcmagkbhnjpjlnpibbmggikpedpilc
ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2022-11-21 16:40 - 2022-08-21 02:44 - 001160192 _____ () [File not signed] [File is in use] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 000438784 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\amdlinkremoteserver.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2022-04-05 07:14 - 2022-04-05 07:16 - 000258560 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2022-11-21 16:40 - 2022-08-19 08:38 - 175591424 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2022-11-21 16:40 - 2022-08-19 07:11 - 000442880 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2022-11-21 16:41 - 2022-08-19 07:10 - 006480384 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2022-11-21 16:41 - 2022-08-19 07:07 - 004077568 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2022-11-21 16:40 - 2022-08-19 07:10 - 000828928 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\D3DCompiler_47.dll
2020-12-20 02:35 - 2020-12-20 02:35 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-12-20 02:35 - 2020-12-20 02:35 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-11-21 16:41 - 2022-08-19 07:16 - 001231872 _____ (The Chromium Authors) [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Multimedia.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5MultimediaQuick.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtMultimedia\declarative_multimedia.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Lenovo\ThinkPadwallpaper.jpg
DNS Servers: 10.0.0.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{FEC95784-14AA-40B2-B346-7BD54A0C5D2C}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [TCP Query User{BAA48C16-AF9C-41CC-8A84-6B64EE2F2CBB}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [{ABF5B404-8B57-46D2-AAC1-4905C4080785}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F02A5808-E877-4B4E-B184-F884DB3B14C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F22AB076-832F-4120-98AA-49110C1AB7FD}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [TCP Query User{83DC78F7-5164-4C5D-8DB6-5A74A6DE2CB2}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [UDP Query User{7139D722-3E94-4FA1-9F4E-771BFEED8165}C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe] => (Allow) C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe (Protocol Labs, Inc. -> )
FirewallRules: [TCP Query User{89DF982A-A285-4D45-9EA1-98022D7CD018}C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe] => (Allow) C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe (Protocol Labs, Inc. -> )
FirewallRules: [UDP Query User{7915EC1E-1418-4269-B73F-2B58BB7EDF64}C:\program files\ipfs desktop\ipfs desktop.exe] => (Allow) C:\program files\ipfs desktop\ipfs desktop.exe (Protocol Labs, Inc. -> Protocol Labs, Inc.)
FirewallRules: [TCP Query User{F0960D98-C8A4-4C94-B946-1AA01F6CFD45}C:\program files\ipfs desktop\ipfs desktop.exe] => (Allow) C:\program files\ipfs desktop\ipfs desktop.exe (Protocol Labs, Inc. -> Protocol Labs, Inc.)
FirewallRules: [{E47874DC-2144-4D66-A80E-5F557B7A03E5}] => (Allow) C:\Users\david\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{948D3F2A-4FC2-48CC-9A5B-AAEF44F08CE6}] => (Allow) C:\Users\david\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{11F58DBB-32EA-421F-8F9D-09CFD618E14D}] => (Allow) C:\Users\david\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{F7D621F6-7FB6-4E06-9B0B-35831BF120B9}C:\users\david\downloads\winbox64.exe] => (Allow) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{9573DA98-4CC7-4E4E-B591-964B28906403}C:\users\david\downloads\winbox64.exe] => (Allow) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{6122D9AD-295A-43FC-8636-2309CB0B033C}C:\users\david\downloads\winbox64.exe] => (Block) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{3C0E31B6-112B-434E-8377-2D2E9F19F96B}C:\users\david\downloads\winbox64.exe] => (Block) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{5A72C00B-8A80-478F-AC61-434208D8724F}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{3F262DE1-76DF-472E-931C-DA20DF9191DF}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{C64BF34A-3A7F-4581-BC60-0E0C097FD462}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{D161BC17-CD6B-4246-B622-B7765C1A7AE1}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{5BB08B27-F70B-40A2-89CC-994BF384E689}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{515A0591-471B-4667-BB27-A13B3B244457}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [TCP Query User{B3D7B456-9CFF-45B2-A670-8AC075C006CE}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{24190330-D28B-4B76-AF28-D71A8CDA5C55}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [{5D859CF9-DD65-42EA-855D-41D532BA3451}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1DA55E18-C0E7-441A-808D-0F14B2AF5ADF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{157D8C22-25CA-4D1F-AF6E-E9D25AF1731A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{167B6D33-4055-4BE2-BA1E-4F7C8BD52C32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{C2C17240-ACC4-4CD5-BBC6-77176D7BE231}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{7F83B5AF-AB9B-4E66-A337-965EE74EEC02}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{339B7D4D-227C-4E7C-B0E9-EE4B713E8CE2}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{916EAE12-AA6A-40A3-AED5-CBC186848EF9}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{CC8894AB-1F99-4F2A-AAB1-C65295AEDC01}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe] => (Allow) C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{3B6E3764-37B0-472F-9E92-A61598B6A9B7}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe] => (Allow) C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{83F2D6A4-47B7-4B4F-AB41-82AA0B5802D9}C:\users\david\downloads\winbox64 (1).exe] => (Allow) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{535AED30-E051-4967-8BD6-37D573BC19DF}C:\users\david\downloads\winbox64 (1).exe] => (Allow) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [{77AD6658-1C50-4C1C-94A6-D9519D9077D9}] => (Block) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [{64878B04-A49A-4542-BA96-D4E123E0FDEE}] => (Block) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{28EA61FE-CB57-4128-9002-DEF324A202BA}C:\brnonet\mikrotik\winbox64 (1).exe] => (Allow) C:\brnonet\mikrotik\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{8BF893C8-3F17-48DF-A861-A472CD44D0B9}C:\brnonet\mikrotik\winbox64 (1).exe] => (Allow) C:\brnonet\mikrotik\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [{203BF5B0-EC55-4A3E-8996-8E078398CE89}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{151068B6-CB76-49D0-9504-CD82A9E649BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DD7BDDF7-E8F1-43D9-BD36-ADF0FEA82509}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2DD8500B-DA08-42BC-A2ED-3D3F39897AED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9F74F04E-1DF2-4A4B-AAEC-8D63912C23B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{E62BBB40-20E3-4E64-8779-ABCC4A6DA7C0}C:\users\david\downloads\winbox64 (2).exe] => (Allow) C:\users\david\downloads\winbox64 (2).exe => No File
FirewallRules: [UDP Query User{E584F9AD-2C33-48C4-AA69-0AA8843CD5A7}C:\users\david\downloads\winbox64 (2).exe] => (Allow) C:\users\david\downloads\winbox64 (2).exe => No File
FirewallRules: [TCP Query User{4BDDC0DD-ABD1-42EE-8383-EE086AB98191}C:\brnonet\winbox64 (2).exe] => (Allow) C:\brnonet\winbox64 (2).exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{C96A415A-18E7-4BB3-AB98-6B691050BED2}C:\brnonet\winbox64 (2).exe] => (Allow) C:\brnonet\winbox64 (2).exe (Mikrotikls SIA -> )
FirewallRules: [{59ED960C-4695-4988-AD63-70FD54594AF9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{700E3109-0D91-4AEC-BA3E-135F2A681556}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{704625DB-DF6D-4FD3-AACE-561B43E2C539}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CA000886-AD32-4089-AD9C-2B28D3DCB1A5}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D2057F4E-1FE5-4EA0-9427-CCF0556701EC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{073687F5-1C8E-4D55-A6D9-F19C24F61DC6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6609170-5EDC-4958-B0AF-0C1D0FA6F19C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8FF1297C-C105-40DC-B363-96EDB12298D9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3E7377C7-2671-4F6B-84F9-38386D845E07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C6A590E-C0AC-4955-8EB6-51A853CF565E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBE4778C-BA25-4927-AAFF-85DE4B6B03CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{848B354F-251F-471D-A462-E82A7BC142B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

24-02-2023 11:02:15 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/23/2023 06:59:13 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-33BMKLN)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.

Error: (02/20/2023 07:47:59 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_WbioSrvc, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.900, časové razítko: 0xa97a9ed6
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a2f1a
ID chybujícího procesu: 0x0x6318
Čas spuštění chybující aplikace: 0x0x1d944c9a850e5ba
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f927ac11-0595-4534-8e36-f1e2b52a1eb9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/14/2023 05:37:59 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-33BMKLN)
Description: Název chybující aplikace: chrome.exe, verze: 109.0.5414.120, časové razítko: 0x63ced377
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.963, časové razítko: 0x766ca8ae
Kód výjimky: 0xe0000008
Posun chyby: 0x00000000000906bc
ID chybujícího procesu: 0x0x3e74
Čas spuštění chybující aplikace: 0x0x1d93a95e8d55830
Cesta k chybující aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 40ad33e9-5c78-4402-9e00-205cea3af3dd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2023 06:25:59 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x5d9c
Čas spuštění chybující aplikace: 0x0x1d93d7466ac5697
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: 1f5824bb-9239-44e7-a8cb-b12127ed6e1f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2023 03:58:34 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x36ac
Čas spuštění chybující aplikace: 0x0x1d93cfb65387dcc
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: 15cd4275-84fb-418e-b3ee-e7a064243b28
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2023 12:17:40 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-33BMKLN)
Description: Název chybující aplikace: msteamsupdate.exe, verze: 23002.403.1788.1930, časové razítko: 0x63b90624
Název chybujícího modulu: msteamsupdate.exe, verze: 23002.403.1788.1930, časové razítko: 0x63b90624
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000feaed
ID chybujícího procesu: 0x0x9a0
Čas spuštění chybující aplikace: 0x0x1d93b4a5f11dc15
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteamsupdate.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteamsupdate.exe
ID zprávy: b0a37f07-8799-4421-be88-96c4afd09cfc
Úplný název chybujícího balíčku: MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: msteamsupdate

Error: (02/02/2023 02:32:46 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x590c
Čas spuštění chybující aplikace: 0x0x1d936a5feaf533f
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: 5ac4e1a1-1ff4-4cae-86fc-9349693c95ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/22/2023 03:14:31 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x19b4
Čas spuštění chybující aplikace: 0x0x1d92e0731dea83e
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: cad92b57-62f5-4772-a68c-bba85d979775
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/24/2023 10:39:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/23/2023 06:58:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (02/23/2023 11:15:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (02/22/2023 03:49:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (02/21/2023 04:30:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (02/20/2023 07:48:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Biometrická služba systému Windows byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2023 01:54:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Crash Defender Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/19/2023 01:54:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Crash Defender Service bylo dosaženo časového limitu (45000 ms).


Windows Defender:
================
Date: 2023-02-15 07:38:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4840786C-2BE5-4DC3-83BE-F49859153F1B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-13 10:06:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69925481-ED42-4422-AF8B-6091E0910766}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-12 14:23:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5525ABCD-3C2D-4BF8-91FA-0C5A18F875C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-11 10:21:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {59CF7546-8928-416F-9471-CBED7CCABE40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-10 15:36:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {99E83A67-4D6F-4922-B98B-B25DDCCFC35E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-02-24 17:01:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-02-24 13:19:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO R1AET33W (1.09 ) 10/26/2020
Motherboard: LENOVO 20T8000MCK
Processor: AMD Ryzen 5 4500U with Radeon Graphics
Percentage of memory in use: 82%
Total physical RAM: 15591.43 MB
Available physical RAM: 2759.11 MB
Total Virtual: 39954.81 MB
Available Virtual: 6821.61 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.23 GB) (Free:63.37 GB) (Model: SAMSUNG MZALQ256HAJD-000L1) (Protected) NTFS

\\?\Volume{a806eee1-bdab-4de3-b8cd-f99b8570c505}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.27 GB) NTFS
\\?\Volume{8cbe5646-85be-4777-ad5d-32fac9e9268e}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: ACD486B2)

Partition: GPT.

==================== End of Addition.txt =======================
Přílohy
ipfsio.png
ipfsio.png (112.58 KiB) Zobrazeno 480 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118243
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: ipfs.io otravuje na AVASTu.

#2 Příspěvek od Rudy »

Zdravím.
Ipfs.io by sám o sobě by neměl být nebezpečný. Viz. https://cs.wikipedia.org/wiki/InterPlan ... ile_System . Ovšem jeho prostřednictvým by mohl bý distribuován třba v tonmto případě phishing. Avast ho zablokoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
David2012
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 12 lis 2013 10:57

Re: ipfs.io otravuje na AVASTu.

#3 Příspěvek od David2012 »

Řve mi to skoro na každé stránce a ještě to doprovází gongem, takže to silně otravuje. Asi chce Avast zaplatit.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118243
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: ipfs.io otravuje na AVASTu.

#4 Příspěvek od Rudy »

To sotva, pokud máte free verzi a omylem jste ji neupgradoval. Zkuste spustit tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
David2012
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 12 lis 2013 10:57

Re: ipfs.io otravuje na AVASTu.

#5 Příspěvek od David2012 »

Free verzi mám a ještě jsem ji neupgradoval. Nabídlo mi to zkušební 2 měsíce a to jsem zatím nevyužil - možná když bych to udělal tak mě toho zbaví.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-25-2023
# Duration: 00:00:03
# OS: Windows 11 (Build 22621.1265)
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CC8894AB-1F99-4F2A-AAB1-C65295AEDC01}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{3B6E3764-37B0-472F-9E92-A61598B6A9B7}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoHotkeyManager Folder C:\Program Files\LENOVO\HOTKEY
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\david\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoPowerManager Folder C:\Windows\SysWOW64\LENOVO\POWERMGR
Deleted Preinstalled.LenovoPowerManager Folder C:\Windows\System32\LENOVO\POWERMGR


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2675 octets] - [25/02/2023 08:51:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118243
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: ipfs.io otravuje na AVASTu.

#6 Příspěvek od Rudy »

Teď dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“