Prosím o kontrolu

[Filis]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-11-2024
Ran by valtr (02-11-2024 17:48:15)
Running from C:\Users\valtr\Desktop
Microsoft Windows 11 Home Version 23H2 22631.4317 (X64) (2023-12-16 18:45:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-14074417-775752243-2468711463-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-14074417-775752243-2468711463-503 - Limited - Disabled)
Guest (S-1-5-21-14074417-775752243-2468711463-501 - Limited - Disabled)
valtr (S-1-5-21-14074417-775752243-2468711463-1001 - Administrator - Enabled) => C:\Users\valtr
WDAGUtilityAccount (S-1-5-21-14074417-775752243-2468711463-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apowersoft Online Launcher version 1.8.3 (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.3 - APOWERSOFT LIMITED)
Autodesk Fusion (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.20476 - Autodesk, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.10.6133 - Avast Software)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa CW1 (02/13/2013 1.0.0.0) (HKLM\...\B10CCB939D59F72AA817B257D84328FC4A1DC752) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK2 (02/13/2013 1.0.0.0) (HKLM\...\E6CFEF5357DD0E2F987E98779FD6603959DA391B) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK3 Multi Material 2.0 upgrade (02/13/2013 1.0.0.0) (HKLM\...\FA562E43945E7D9CAC76A811E49088FF2255A11A) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Prusa i3 Plus MK3 3D printer (02/13/2013 1.0.0.0) (HKLM\...\890B56493F7CACBCA0E70EA8EBFD9A18BC780C34) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - UltiMachine 3D Printer (RAMBo) (02/13/2013 1.0.0.0) (HKLM\...\D77EC126405DC217C7BF7DA6669B51E297D5CF23) (Version: 02/13/2013 1.0.0.0 - UltiMachine)
CCleaner (HKLM\...\CCleaner) (Version: 6.29 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.0.690 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.690 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit Keys (HKLM\...\{69D1C50E-6E4D-416D-A632-875EB3C5EF8A}) (Version: 18.1.690 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM (HKLM-x32\...\{C4DF8B81-6925-4D29-8204-933667E127B4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM Content (HKLM-x32\...\{0EC6F0EB-64A9-4A69-B8A2-7CB0779CA7A0}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Writing Tools (HKLM-x32\...\{7135E09C-980F-4373-B211-04B05C996113}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\_{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1.0.690 - Corel Corporation)
f.lux (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Flux) (Version: 4.134 - f.lux Software LLC)
Fritz 16 64-bit (HKLM\...\{330C747E-F4EA-4896-BE96-73F3A76690C5}) (Version: 16.12.0.0 - ChessBase)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 130.0.6723.92 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.2 - Your Company Name) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo Now (HKLM-x32\...\Lenovo Now) (Version: 4.0.2.39 - Lenovo Group Ltd.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.24.0 - Lenovo Group Ltd.)
Malwarebytes version 5.2.0.140 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.0.140 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 130.0.2849.56 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 130.0.2849.56 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.18129.20116 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.196.0929.0005 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\4336df8a13b91f17) (Version: 17.1.268.3 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Teams) (Version: 1.6.00.16472 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x86) (HKLM-x32\...\{90120000-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) English (HKLM-x32\...\{BAB89D31-4C55-472B-8909-6CBE2CC276B1}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 (HKLM-x32\...\{895D5198-C5DB-375E-86AB-133F4DAA9FE2}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 (HKLM-x32\...\{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Finalizer (HKLM-x32\...\{20D2A362-23EB-3BDB-BAD3-F4510B2B32A5}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support (HKLM\...\{6D0ED930-AE5C-3289-ADA3-E6C3B13050DE}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support (HKLM-x32\...\{84DD3A17-A979-39BC-8816-8226CB7DF8A7}) (Version: 14.0.23217 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 132.0 (x64 cs)) (Version: 132.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 125.0.1 - Mozilla)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 472.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20100 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20116 - Microsoft Corporation) Hidden
PrusaSlicer (HKLM\...\PrusaSlicer_is1) (Version: 2.8.1 - Prusa Research s.r.o.)
remove.bg (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\remove) (Version: 2.1.0 - Kaleido AI Gmbh)
SMPlayer 22.2.0 (HKLM-x32\...\SMPlayer) (Version: 22.2.0 - Ricardo Villalba)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.4472 - Microsoft Corporation)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.50 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VSDC Free Video Editor version 7.2.2.442 (HKLM\...\VSDC Free Video Editor_is1) (Version: 7.2.2.442 - Flash-Integro LLC)
Wondershare Filmora 13(Build 13.3.8.7085) (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Wondershare Filmora 13_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.1.1) (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Zoom (HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\ZoomUMX) (Version: 5.16.10 (26186) - Zoom Video Communications, Inc.)

Packages:
=========

AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2023-05-31] (Advanced Micro Devices Inc.) [Startup Task]
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-11] (Disney)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2023-05-31] (Dolby Laboratories)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2409.29.0_x64__k1h2ywk1493x8 [2024-10-15] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-08-20] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-05-31] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-05-31] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-17] (Microsoft Corp.)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe [2024-08-06] (Microsoft) [Startup Task]
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.2331.0_x64__8wekyb3d8bbwe [2024-09-05] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.1.0.0_x64__8wekyb3d8bbwe [2024-10-26] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-12-16] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-28] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24101.35.0_x64__cw5n1h2txyewy [2024-11-02] (Microsoft Windows) [Startup Task]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.7.5.0_x64__bzg06mxvgh4fa [2024-10-11] (V3TApps)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-26] (NVIDIA Corp.)
Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.161.0_x64__pwbj9vvecjh7j [2024-10-09] (Amazon Development Centre (London) Ltd)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2023-05-31] (Realtek Semiconductor Corp)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm [2024-10-12] (WhatsApp Inc.) [Startup Task]
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.5.0.0_x64__8wekyb3d8bbwe [2024-09-14] (Microsoft Corporation)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.275.500.0_x64__8wekyb3d8bbwe [2024-10-09] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.266.2241.0_x64__8wekyb3d8bbwe [2024-10-04] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.TwinSxS_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-14074417-775752243-2468711463-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\valtr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-14074417-775752243-2468711463-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\valtr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23117.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-14074417-775752243-2468711463-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\valtr\AppData\Local\Autodesk\webdeploy\production\c8ccd68f9db18c054d1ebc9c01376922733ac46e\NPreview10.dll (Autodesk, Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-03] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncShell64.dll [2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6e978b1ba87faf07\nvshext.dll [2021-11-04] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-03] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\Windows\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\Windows\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-05-19 07:41 - 2016-07-21 09:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2024-05-19 07:41 - 2017-09-12 09:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2023-06-21 13:15 - 2023-06-21 13:15 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2023-06-21 13:15 - 2023-06-21 13:15 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2024-05-19 07:41 - 2017-09-12 09:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-14074417-775752243-2468711463-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-14074417-775752243-2468711463-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\valtr\Desktop\379982595_265167723138625_4106724470074841149_n.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek 8822CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5EC933A3-6D37-439A-9F99-1B127A21EDB8}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\PPHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{D198CF52-3976-4DA5-8B83-0609FDE2576E}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\DrawHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{1C2D0CCD-500B-4B50-9EA5-42C339EFC356}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5B350FC7-83B1-476E-8A68-D2088AEC4E8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{84C5E437-221D-4C6C-A0E4-3E7F02E27FFA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7244C489-2420-421F-801A-BB24347D0CD5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5D3339E2-B7B8-488A-8368-A2A28F86C12A}] => (Allow) C:\Users\valtr\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E05798C5-4681-4560-BB1E-248FF202FDA6}] => (Allow) C:\Users\valtr\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4FF66011-EDAC-4305-B144-31E460804C80}] => (Allow) C:\Users\valtr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3BEC90D3-632B-43E3-BAA3-E260E38CA00E}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{7140FF7A-7F19-48BB-8CAA-87A40DED1945}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{A007BB4E-0D05-4F8E-9BF5-F667BB156664}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{8F38BDCB-2EA2-4A52-9052-AB9FA976488D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3C6D07DE-69DD-4065-801A-BDDE6A862926}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DACEE051-6843-4B37-A039-AAB06EAC3D8B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{85E34183-7AFE-4EDE-AA6E-EFF7A6205438}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{887AE3AD-ADAC-4649-B4B3-BAF2C3DF87D9}] => (Allow) C:\Users\valtr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{2C6A7453-01BD-4397-8827-98D27EFBEFD5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{B50B4AFC-37AB-41FA-9874-B6F01A4A73DF}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{303C5EFA-845E-4379-88C6-0A090B94C142}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{5135F1C7-1068-4E17-A38B-E9E9921C56B8}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{3B6D1F7A-0FE7-4598-A145-C9C209D0267F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{ABB9FB28-EFFC-49E4-9861-8BC7E0E9C811}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (FLASH-INTEGRO LLC -> Flash-Integro LLC)
FirewallRules: [{F9A98FDD-A4A2-4C23-BEFD-82EDEE631626}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F4567EF2-2210-4EEB-AAC1-43AB01C77C8C}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24180.205.2980.1757_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22F7560C-03E2-409D-BC99-4AB485AAE079}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2449323A-D652-4BA9-8EA9-F8804B998D8E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3103.3212.3419_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{657C5E0F-9131-4A05-A898-EED4B4FEF78D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24277.3103.3212.3419_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6252FBA-9FB2-455F-9C86-A556091587E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38F1C5DC-F98A-4FCF-A208-4B29EC362FB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C306FBC-1399-45E1-A8FF-11014D5AAC9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8D69CDCE-5942-4962-B006-358964D88659}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6EE41A05-EAF0-44BA-8AF7-F18567860EA4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AB634515-5545-4D76-9748-8F956D96E2CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Universal Device Client Device
Description: Universal Device Client Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (11/02/2024 09:16:57 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-9TGMASBD$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(16ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/02/2024 09:16:56 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(31ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (10/30/2024 06:28:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-9TGMASBD$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (10/30/2024 06:28:54 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(46ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (10/30/2024 06:28:29 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: mfevtps.exe, verze: 22.12.0.279, časové razítko: 0x636b3cb1
Název chybujícího modulu: CRYPT32.dll, verze: 10.0.22621.4169, časové razítko: 0x05f19029
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001ff72
ID chybujícího procesu: 0x0x1a44
Čas spuštění chybující aplikace: 0x0x1db2ad7dd17455c
Cesta k chybující aplikaci: C:\Windows\system32\mfevtps.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\CRYPT32.dll
ID zprávy: d546c5cd-e84f-4779-be6f-a6993e41e0db
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/30/2024 03:27:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-9TGMASBD$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (10/30/2024 03:27:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (10/30/2024 03:27:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(359ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)


System errors:
=============
Error: (11/02/2024 05:02:54 PM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-9TGMASBD)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_987efb.

Error: (11/02/2024 04:26:52 PM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-9TGMASBD)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_987efb.

Error: (11/02/2024 03:58:56 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (11/02/2024 03:48:57 PM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-9TGMASBD)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_987efb.

Error: (11/02/2024 11:02:15 AM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-9TGMASBD)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_987efb.

Error: (11/02/2024 10:52:53 AM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-9TGMASBD)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_987efb.

Error: (11/02/2024 09:18:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/02/2024 09:18:51 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===============
Date: 2024-11-02 10:34:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO FCCN16WW 01/05/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 4800H with Radeon Graphics
Percentage of memory in use: 42%
Total physical RAM: 15741.32 MB
Available physical RAM: 9047.72 MB
Total Virtual: 18173.32 MB
Available Virtual: 10268.98 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:6.21 GB) (Model: UMIS RPJTJ512MEE1OWX) NTFS

\\?\Volume{6ab2445b-a82c-4b6c-a859-dcea71b17680}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{cce53b7a-a567-4c4e-b773-a00be82bef41}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8A30157D)

Partition: GPT.

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2024
Ran by valtr (administrator) on LAPTOP-9TGMASBD (LENOVO 82EY) (02-11-2024 17:46:27)
Running from C:\Users\valtr\Desktop\FRST64.exe
Loaded Profiles: valtr
Platform: Microsoft Windows 11 Home Version 23H2 22631.4317 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_24277.3103.3212.3419_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe <6>
(C:\Users\valtr\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\valtr\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\u0361612.inf_amd64_b679e02f70413f9f\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361612.inf_amd64_b679e02f70413f9f\B361368\atieclxx.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\valtr\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <20>
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361612.inf_amd64_b679e02f70413f9f\B361368\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_6e978b1ba87faf07\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\valtr\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(sihost.exe ->) (20E7E2C9-A2A9-4A02-BB29-6FCFB9E042BB -> Lenovo) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24101.35.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2440.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.5.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427304 2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1086248 2020-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [141815104 2023-02-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919336 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Run: [MicrosoftEdgeAutoLaunch_1FDC54BA24E765A33DD6DCCBB7ED4C81] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3856456 2024-10-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-14074417-775752243-2468711463-1001\...\Run: [f.lux] => C:\Users\valtr\AppData\Local\FluxSoftware\Flux\flux.exe [1528952 2024-02-22] (F.lux Software LLC -> f.lux Software LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\130.0.6723.92\Installer\chrmstp.exe [2024-11-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2024-06-22]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1C44E15D-534A-44EA-B87A-E088DA8F591E} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5205800 2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {1C63EB75-1FD5-47E6-A37D-D3CEDABE6700} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-03] (Avast Software s.r.o. -> Avast Software)
Task: {BD8EF0D8-7FEC-4931-9264-A47D707047F0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0E3D6B81-0578-476F-B5D9-76C92B55F7C7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "ae4b24da-aac8-4716-a56b-41563cc96ea5" --version "6.29.11342" --silent
Task: {49F7912B-6AA0-4B51-B3D4-1FA793D489CC} - System32\Tasks\CCleanerSkipUAC - valtr => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {D7F95290-8F31-4F5B-B884-CFB707A9DAC5} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [1586112 2016-06-24] (Corel Corporation -> Corel Corporation)
Task: {E45FF0D8-1744-4814-8A5F-A5F2717A5D24} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{B7A823F2-3ED4-481A-AC25-79137421F8BE} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {E2547221-A73A-450C-9DC2-6126DF016742} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {B11ACD5B-ACBD-444D-85E3-FB84608BDA6F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {C3825DCA-76EB-4FB1-B02D-1279569881E9} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {8383F451-662E-4D77-9A79-84194A59FAD4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0f3d4732-0438-4f81-a54f-2e59c8cbfa78 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {A860990C-1A70-46BF-BA13-96ADFDECD336} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7e09ed0f-7a2d-46e1-9b75-0cc87eb7b786 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {B75B7778-BE88-4685-B1C4-4C98EA5C5E6C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\82fb7b19-7a88-4c1e-be6b-8bde6f47e95c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {C6791663-048D-4EF2-BAD0-2F0E6AB605CC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c14f9f8d-86e9-40c6-945a-74d4d412f41e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {E96CFB29-BDD5-4B83-A3D9-6733238A908C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f30b872a-b29b-43b0-9008-40c932cdcb71 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {66DF2DD6-00AB-47B1-9F41-3FDA57173277} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [3556248 2024-08-27] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {F8AD6122-48DA-44F5-AB41-4648A1E7C706} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2357656 2024-08-27] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch
Task: {337736DE-5A0F-425E-979B-E2C786B3BA6E} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2357656 2024-08-27] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {E0B4947C-2AEF-49D9-91EE-9DAFA8D0A213} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {73E6FE57-0C13-440D-949E-3FBF60E2CF1A} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [188656 2024-04-07] (Lenovo -> Lenovo Group Ltd.)
Task: {7862E379-C920-4765-825C-337B8D964E67} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {F26896E5-36D0-4EA2-9F32-8FE9EE35D4B7} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {E1C51066-AC7F-4232-A1BB-81F3AD7393B6} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {15D87B44-8465-4AA5-866A-5B9C31E2B1E4} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {24B74C62-A79E-49D8-8391-AC2760B6179F} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {EF271905-3251-414B-842C-2411EFF366F1} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {E47F7C8F-EDE4-493E-96C9-6CB31E5B8686} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {AD16771A-BBB6-49B9-8B0E-F8D9ED1DCA1A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {D41594A5-D23F-4329-BFD9-71A9BCD6F46B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {66BD38ED-1DFF-4DD2-804D-C69B6F5E69A3} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {30CFDB58-9D04-46D9-9492-7CDF4190E159} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {A87C8FD8-60A8-4731-BFDB-FD3BD6487E32} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {9A2B3936-5E5C-4743-ACBB-1DF70A878E4F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.174\ScheduleEventAction.exe [17816 2024-08-30] (Lenovo -> Lenovo)
Task: {E00B645D-BF03-4C0A-9DDA-6D85A16368FE} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {56C7C6A3-1E24-4E24-B8A6-5B0F85820397} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\uninstall.exe [340968 2024-09-12] (Lenovo -> Lenovo)
Task: {367F2D67-F5EE-4744-9D87-E3E5F9610CC0} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe [5596280 2024-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {08EEFD20-1DA3-4048-A17A-C767534DE939} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28643008 2024-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B466653-8AD7-49A2-95F9-3D24ADA3B548} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28643008 2024-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {91F3DE69-9239-47BC-A427-608AD8F9E17C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312464 2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD595703-E9B0-47B7-A2A4-47FF9B2CA26D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312464 2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C88B41CF-EE6B-4C32-8F18-443222FD708A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187600 2024-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {97C00C9C-E81B-45F8-99C4-048F0A86206C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {D19B7E39-6A20-4DDA-8850-4C17B9168AEC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ForcedRebootRetry (No File)
Task: {A8713FED-92DE-4A5C-8BDA-8E966B1657EB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ForcedRebootRetry (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {C86F9A57-BEF0-4BAA-93E3-F6BC042ED972} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-14074417-775752243-2468711463-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-10-31] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {17B69B71-8129-4926-AD63-E5784B91115C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-10-31] (Mozilla Corporation -> Mozilla Foundation)
Task: {FE0C356E-034D-4287-9B7E-952A449E6A02} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {67D6098F-9BD4-484D-9D5D-806D03CA6243} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {3826904B-8B47-4C74-8F92-415C5DA2ECE1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {417D6034-5A89-4941-9086-2CC55DE29BC0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {CA59382E-003E-43E5-8BC2-C8C407B84102} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0DE0DC04-85CD-41A9-9B75-4CC4096074D3} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97BE5023-B9FF-4A6E-ADB9-D9B09AD98A78} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {888C1495-54FC-4F88-883E-A8ECD04E303E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C45E0484-FB84-435F-800E-D89552EC9385} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {95A4D0EB-063F-46B2-84D9-2EFFDF6BD106} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7D93BC4D-5D1C-470A-B502-9AB49AE3C041} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF2569FB-A6CD-4FFC-800D-E3202228391B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-14074417-775752243-2468711463-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{64839e8e-95a7-4e0b-bfeb-a60ddf995ca4}: [DhcpNameServer] 152.208.1.2
Tcpip\..\Interfaces\{9a1c36cd-af84-4f8e-887c-8c5a55754404}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{9a1c36cd-af84-4f8e-887c-8c5a55754404}\B4F6D657E69647E696023456E6472757D60264255454: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9a1c36cd-af84-4f8e-887c-8c5a55754404}\B4F6D657E69647E696023456E6472757D60264255454: [DhcpDomain] localdomain

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\valtr\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-02]
Edge Notifications: Default -> hxxps://badoo.com; hxxps://eu1.badoo.com; hxxps://fr1.badoo.com; hxxps://meet.google.com; hxxps://tinder.com; hxxps://www.betano.cz; hxxps://www.instagram.com
Edge HomePage: Default -> hxxp://centrum.cz/
Edge Session Restore: Default -> is enabled.
Edge Extension: (Pomocník GIVT.cz) - C:\Users\valtr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2024-03-26]
Edge Extension: (Dokumenty Google offline) - C:\Users\valtr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-11]
Edge Extension: (Edge relevant text changes) - C:\Users\valtr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: u2ewxz4p.default
FF ProfilePath: C:\Users\valtr\AppData\Roaming\Mozilla\Firefox\Profiles\u2ewxz4p.default [2024-04-21]
FF ProfilePath: C:\Users\valtr\AppData\Roaming\Mozilla\Firefox\Profiles\mv17dgz0.default-release [2024-11-02]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\valtr\AppData\Local\Google\Chrome\User Data\Default [2024-09-27]
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E211CZ714G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (Pomocník GIVT.cz) - C:\Users\valtr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggfjoibkmcdpipebclkmekplmdjhmkop [2024-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\valtr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\valtr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-07-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\valtr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-03]
CHR Extension: (Seznam.cz) - C:\Users\valtr\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2024-03-03]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7261480 2024-10-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [774952 2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1221416 2024-10-29] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-05-31] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13650648 2024-10-27] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.196.0929.0005\FileSyncHelper.exe [3524664 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe [34256 2024-09-12] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258144 2024-11-02] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-03] (Malwarebytes Inc. -> Malwarebytes)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC)
S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC)
R2 NativePushService; C:\Users\valtr\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [595864 2024-03-20] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.196.0929.0005\OneDriveUpdaterService.exe [3867704 2024-10-29] (Microsoft Corporation -> Microsoft Corporation)
R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72432 2024-04-07] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6e978b1ba87faf07\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6e978b1ba87faf07\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [20536 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [233016 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [381496 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [294960 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84536 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [27744 2024-07-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28752 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [273976 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [550456 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97848 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69176 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [951352 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1202232 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203832 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [307256 2024-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 camodriver; C:\WINDOWS\System32\DriverStore\FileRepository\camodriver.inf_amd64_99bad0a66e30f6f3\x64\camodriver.sys [36912 2024-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Reincubate Ltd.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70880 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.)
R3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [491232 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [354016 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85456 2023-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Trellix US LLC.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [464080 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [949472 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [106720 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.)
S4 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [233176 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Trellix US LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-02 17:46 - 2024-11-02 17:47 - 000037790 _____ C:\Users\valtr\Desktop\FRST.txt
2024-11-02 17:44 - 2024-11-02 17:45 - 002397696 _____ (Farbar) C:\Users\valtr\Desktop\FRST64.exe
2024-11-02 09:32 - 2024-11-02 09:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-11-02 09:24 - 2024-11-02 09:24 - 000692356 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-02 09:24 - 2024-11-02 09:24 - 000143226 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-31 15:29 - 2024-11-02 09:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-10-29 15:27 - 2024-10-29 15:27 - 000315688 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-10-28 04:39 - 2024-10-28 04:39 - 000000000 ____D C:\WINDOWS\Panther
2024-10-24 18:30 - 2024-10-24 18:30 - 006595952 _____ C:\Users\valtr\Desktop\Listopeni.pdf
2024-10-20 13:07 - 2024-10-20 13:07 - 000000000 ____D C:\Users\valtr\AppData\Roaming\Python
2024-10-17 12:38 - 2024-10-17 12:38 - 000000000 ____D C:\Users\valtr\AppData\Roaming\CadSoft
2024-10-17 12:35 - 2024-10-17 12:35 - 000000000 ____D C:\Users\valtr\AppData\Local\Fusion360
2024-10-17 12:34 - 2024-10-17 12:38 - 000000000 ____D C:\Users\valtr\AppData\Roaming\Fusion360
2024-10-17 12:34 - 2024-10-17 12:38 - 000000000 ____D C:\Users\valtr\AppData\Roaming\Autodesk
2024-10-17 12:34 - 2024-10-17 12:34 - 000002677 _____ C:\Users\valtr\Desktop\Autodesk Fusion.lnk
2024-10-17 12:34 - 2024-10-17 12:34 - 000000000 ____D C:\Users\valtr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2024-10-17 12:34 - 2024-10-17 12:34 - 000000000 ____D C:\Users\valtr\AppData\Local\cache
2024-10-17 12:34 - 2024-10-17 12:34 - 000000000 ____D C:\ProgramData\Autodesk
2024-10-17 11:30 - 2024-10-21 09:18 - 000000000 ____D C:\Users\valtr\AppData\Local\Autodesk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-02 17:48 - 2024-03-03 12:10 - 000000000 ____D C:\Users\valtr\AppData\Local\Malwarebytes
2024-11-02 17:47 - 2023-12-16 19:45 - 000004036 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2024-11-02 17:47 - 2023-12-16 19:45 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-02 17:47 - 2023-12-16 19:45 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-02 17:47 - 2023-12-16 19:45 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-02 17:47 - 2023-12-16 19:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-14074417-775752243-2468711463-1001
2024-11-02 17:47 - 2023-12-16 19:45 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000002948 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-11-02 17:47 - 2023-12-16 19:45 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-02 17:47 - 2023-12-16 19:45 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-11-02 17:47 - 2023-12-16 19:45 - 000002592 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2024-11-02 17:47 - 2023-12-16 19:45 - 000002248 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - valtr
2024-11-02 17:47 - 2023-12-16 19:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-11-02 17:47 - 2023-05-31 20:52 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-11-02 17:46 - 2024-03-03 10:46 - 000000000 ____D C:\FRST
2024-11-02 17:38 - 2023-05-31 20:52 - 000000000 ____D C:\Program Files\CCleaner
2024-11-02 17:37 - 2023-06-27 21:25 - 000000000 ____D C:\Users\valtr\AppData\Roaming\Microsoft\Word
2024-11-02 17:34 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-02 15:21 - 2021-03-10 19:14 - 000000000 ____D C:\ProgramData\NVIDIA
2024-11-02 15:17 - 2023-05-31 19:04 - 000000000 ____D C:\Users\valtr\AppData\Roaming\Microsoft\Excel
2024-11-02 15:17 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-02 12:10 - 2023-06-01 08:45 - 000000000 ____D C:\Users\valtr\AppData\Local\Packages
2024-11-02 10:51 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-02 10:51 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-02 10:51 - 2020-11-19 08:33 - 000000000 ____D C:\ProgramData\Packages
2024-11-02 10:29 - 2023-12-16 19:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-02 10:26 - 2023-05-31 16:46 - 000000000 ___RD C:\Users\valtr\OneDrive
2024-11-02 09:33 - 2023-06-02 19:06 - 000000000 ____D C:\Program Files\Microsoft Office
2024-11-02 09:33 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-11-02 09:24 - 2023-12-16 19:46 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-02 09:24 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-11-02 09:16 - 2024-04-21 13:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-02 09:16 - 2023-12-16 19:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-02 09:16 - 2023-05-31 18:38 - 000000000 ____D C:\ProgramData\Avast Software
2024-11-02 09:16 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-11-02 09:16 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-11-02 09:16 - 2020-11-27 01:59 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-02 09:12 - 2023-05-31 20:31 - 000000000 ____D C:\Users\valtr\.smplayer
2024-11-01 17:26 - 2024-03-03 10:36 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-01 17:26 - 2024-03-03 10:36 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-11-01 17:24 - 2024-04-21 13:29 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-01 17:24 - 2024-04-21 13:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-10-30 19:40 - 2023-12-16 19:45 - 000000000 ____D C:\Users\valtr\AppData\Local\D3DSCache
2024-10-30 18:27 - 2023-12-16 19:41 - 000000000 ____D C:\Users\valtr
2024-10-30 15:42 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-10-30 15:28 - 2023-05-31 21:25 - 000000000 ____D C:\Users\valtr\AppData\Local\CrashDumps
2024-10-30 15:26 - 2023-06-22 20:25 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-29 15:29 - 2023-06-21 13:15 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-29 15:27 - 2023-05-31 18:39 - 001202232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000951352 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000550456 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000381496 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000307256 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000294960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000273976 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000233016 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000097848 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000028752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-10-29 15:27 - 2023-05-31 18:39 - 000020536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-10-29 15:27 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-10-29 15:25 - 2023-05-31 18:42 - 000000000 ____D C:\Users\valtr\AppData\Local\Avast Software
2024-10-28 05:19 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-10-27 10:08 - 2023-07-24 20:27 - 000000000 ____D C:\Users\valtr\AppData\Roaming\PrusaSlicer
2024-10-26 06:40 - 2020-11-19 08:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-25 19:56 - 2024-05-05 13:22 - 000000000 ____D C:\Users\valtr\AppData\Roaming\remove.bg-desktop
2024-10-15 21:43 - 2023-06-06 20:15 - 000000000 ____D C:\Users\valtr\AppData\Roaming\Zoom
2024-10-09 20:38 - 2023-12-16 19:40 - 000601120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-10-09 20:38 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-10-09 20:37 - 2023-12-16 19:37 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-10-09 20:37 - 2022-05-07 11:14 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME
2024-10-09 20:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-10-09 20:37 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-10-09 15:11 - 2023-12-16 19:44 - 003213312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-10-09 14:50 - 2023-05-31 18:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-10-09 14:49 - 2023-05-31 18:52 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-10-07 17:52 - 2023-06-01 08:41 - 000000000 ___SD C:\Users\valtr\AppData\Roaming\Microsoft\Credentials
2024-10-03 17:25 - 2023-06-01 17:35 - 000210472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-10-03 17:25 - 2023-06-01 17:35 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-10-03 17:25 - 2023-06-01 17:35 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-10-03 17:25 - 2023-05-31 17:02 - 002819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-10-03 17:25 - 2023-05-31 17:02 - 000775720 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-10-03 17:25 - 2023-05-31 17:02 - 000243264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-10-03 17:25 - 2023-05-31 17:02 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll

==================== Files in the root of some directories ========

2023-06-28 15:04 - 2023-06-28 15:04 - 007556848 _____ (Microsoft Corporation) C:\Users\valtr\OfficeSetup.exe
2023-09-21 19:43 - 2023-09-21 19:43 - 002794744 _____ () C:\Users\valtr\OKW3X04O104x64_40160.exe
2023-12-25 18:09 - 2023-12-25 18:09 - 011315416 _____ () C:\Users\valtr\X7OscarLite_V2023.0906_MUI.exe
2023-06-02 21:16 - 2023-06-02 21:16 - 000000369 _____ () C:\Users\valtr\AppData\Roaming\SaraBat.bat
2023-06-02 21:16 - 2023-06-02 21:16 - 000196984 _____ (Microsoft Corporation) C:\Users\valtr\AppData\Roaming\SetupProd_Act.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[JaRon]

Pokial tam mas Avast, odstran McAfee
Potom docisti registre s Ccleanerom - inac OK

[Filis]

Taková zápletka. Jak ho odinstalovat? Ccleaner McAfee vůbec nenajde a v commanderu jsem našel "Uninnstal", ale po kliknutí to vyhodí Error

[JaRon]

Pouzi fixlist:

Start

CloseProcesses:

S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC)
S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1226192 2023-04-05] (MUSARUBRA US LLC -> McAfee, LLC)


EmptyTemp:

End

[Filis]

Omlouvám se ale vůbec nerozumím, mám cosi nějak použít?

[JaRon]

Mas pouzit fixlist.txt ku FRST
Podobne si riesil tu - https://forum.viry.cz/viewtopic.php?p=1548025#p1548025
Nemam poruke navody