VIRY.CZ

Dobrý den. Na mém notebooku začaly v prohlížečích vyskakovat reklamy. Prosím o kontrolu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2020
Ran by manat (administrator) on LAPTOP-EJO9GE0M (LENOVO 81LK) (27-11-2020 14:47:34)
Running from C:\Users\manat\Desktop
Loaded Profiles: manat
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> ) C:\Program Files\Avast Software\Avast\setup\securebrowser_setup_160648480611544.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <8>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\setup\aswOfferTool.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\setup\instup.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\GfxDownloadWrapper.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\manat\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117344 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-14] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {07D34AD6-F5C3-4742-828C-1135F4944EE6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-11-27] (Avast Software s.r.o. -> Avast Software)
Task: {1258079C-2638-4701-B45C-D7FBEDF810CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {14AC2434-9952-4061-8AD6-506804EFB996} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D6D954E-3337-4B0B-8ECA-F5874FA1AEAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B7FB58C-66C5-40D5-8795-27FE5B73D248} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5f831498-cb13-48a4-8462-e4e7f0765542 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {502D49D2-0EB4-4574-8630-A88A2387F20E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {522003F2-A919-4976-AF94-4BEAE88589D9} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {57E03ED3-93D5-4E72-92A4-0FCC19BF608E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\53c34629-4988-4217-86c2-5eca0eb70fad => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {59453969-B8BB-4D90-9A8A-1BD4137645F6} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4617832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {62505FDD-CC2A-4868-8989-0FC482CF1F7F} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {650BF75D-122E-4E89-86E4-D94DF90B44DB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {68D01FC4-7D46-4330-8D36-36FA805B5665} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E28E007-CB8E-4211-A231-724C5857631C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {71D9C2C1-A6FC-479F-8643-F1A845983088} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654136 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {749C2744-C751-49C7-9930-5844A0589C09} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7524853B-E19D-422D-ACB6-2192858ADEF1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4ba71018-c75b-47a2-b13e-d72b04addd1e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {7B279985-AE0B-4EAB-8775-40B25E58A631} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B887509-0B0B-4E5D-A843-6CB1930388EF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {808107DE-9076-4DD6-B917-3492245B36E9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {900D676A-7846-4001-B203-F1A87E53A197} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99025F4A-3920-4408-A58C-1E5E8CEBA22F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8ED2F56-07E8-4CC2-BE38-E9F0D5B15BF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B10CB270-1A6F-472C-919D-CF000621474C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {B4C9C929-2BE1-42E3-9EDF-76BC3532E25D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {E3877A3B-ACA4-426E-8968-E24AE9613E2F} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {E3AD4D61-9581-4649-BB47-AAC348AAEF79} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302384 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FC650AAD-E92C-41D4-83BD-4C90727D705C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\145072fb-f24e-45f8-8fcf-bef4cc7a2a01 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {FFF71F57-127C-45A4-895D-740065EF74CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{205fb23d-5c4f-47c4-8d5c-746dd8aecaef}: [DhcpNameServer] 150.208.1.2
Tcpip\..\Interfaces\{cecc4a96-b218-4a70-a65c-ae99f1919f1e}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Edge:
======
Edge Profile: C:\Users\manat\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-27]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default [2020-11-27]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-02]
CHR Extension: (Dokumenty) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-02]
CHR Extension: (Disk Google) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-02]
CHR Extension: (Tabulky) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-02]
CHR Extension: (Gmail) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8454552 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [365648 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [3096160 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-01] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332368 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97352 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16816 2020-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
S3 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176744 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521752 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326416 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2020
Ran by manat (27-11-2020 14:48:27)
Running from C:\Users\manat\Desktop
Windows 10 Home Version 1909 18363.1198 (X64) (2020-11-02 14:45:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4210255883-2599605577-1647361875-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4210255883-2599605577-1647361875-503 - Limited - Disabled)
Guest (S-1-5-21-4210255883-2599605577-1647361875-501 - Limited - Disabled)
manat (S-1-5-21-4210255883-2599605577-1647361875-1001 - Administrator - Enabled) => C:\Users\manat
WDAGUtilityAccount (S-1-5-21-4210255883-2599605577-1647361875-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6938.199 - AVAST Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.105 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.105 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.171 - McAfee, LLC)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2020-11-03] (Dolby Laboratories)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2009.18.0_x64__k1h2ywk1493x8 [2020-11-03] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\e0469640.lenovoutility_3.1.18.0_x64__5grkq8ppsgwt4 [2020-11-03] (LENOVO INC) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.958.0_x64__56jybvy8sckqj [2020-11-03] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt [2020-11-14] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-11-03] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0 [2020-11-14] (Spotify AB) [Startup Task]
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.99.0_x64__8wekyb3d8bbwe [2020-11-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\nvshext.dll [2020-07-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-14 14:16 - 2020-11-14 14:17 - 041670144 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-11-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-11-21] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\lenovowallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ADFB8126-6470-4FCE-AA9F-410AE2021D88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82FC8EA8-EAA6-4C96-BE48-372B1E7A598B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A0E2566-34A2-4EC4-8A2E-FD945934E1BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9F8F22A-4BAB-4877-BFF3-20861ED82755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D8261C8D-8134-4689-B5A2-6EE23B1BAB48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{995882DB-AB23-4855-AB9B-ED962B753D55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A9385B2-0FF3-4FE5-9DF0-CEA9ACC9D5EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E29AA788-E741-48FF-8A41-388C762C283B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DEDC0562-2FD4-42BB-8FFA-B24676719936}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0BEBBDEF-4C2A-4CD6-9789-B348072CCB2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C77D9DB7-3F53-439D-A521-77E8B3F5B153}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84A5FB42-674B-4885-973F-B1AB6836701D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{238BA159-7F0C-4532-ADDC-054E9138B04B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F4F9E1E-5CFB-47A2-9F81-C1540B13BB68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5190BF6-10CD-4F16-B98A-07ACD9192224}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7464599E-7DA1-4E6D-9AB1-72410A561439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B6D40FD-6A01-4548-AF94-AC9CA34571E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F68AA80-3C7E-46E1-AE90-A97471A44C43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{063A0BC7-4BF6-4F40-BB6C-462DE576C44A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB4CBE5E-C4C8-40A5-9C34-7296865CA27B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9EBE40B8-0531-4803-9FDC-A9FF171BA7B7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

08-11-2020 17:40:53 Naplánovaný kontrolní bod
19-11-2020 05:52:16 Naplánovaný kontrolní bod
27-11-2020 09:54:46 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/27/2020 10:07:47 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21196,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/27/2020 09:58:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17960,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/27/2020 09:52:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13288,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 09:51:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9900,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 08:35:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16588,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 06:51:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 06:43:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17496,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/24/2020 05:52:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20664,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (11/27/2020 02:47:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswSnx neuspěla při spuštění v důsledku následující chyby:
Prvek nebyl nalezen.

Error: (11/27/2020 09:43:13 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: LAPTOP-EJO9GE0M)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/24/2020 02:20:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba LenovoVantageService je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (11/23/2020 07:16:29 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: NT AUTHORITY)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/22/2020 09:13:50 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: NT AUTHORITY)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/22/2020 04:34:56 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: LAPTOP-EJO9GE0M)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/22/2020 04:25:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.

Error: (11/22/2020 04:25:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PLFNLNT3G5G-AppUp.IntelGraphicsExperience.


CodeIntegrity:
===================================

Date: 2020-11-27 14:49:01.804
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:49:01.240
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:49:00.432
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:56.183
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:56.120
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:55.406
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:54.653
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-27 14:48:50.603
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO BGCN24WW 08/19/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8072.24 MB
Available physical RAM: 3961.08 MB
Total Virtual: 9352.24 MB
Available Virtual: 4139.44 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:371.4 GB) NTFS

\\?\Volume{cf1e6b02-72a1-4864-8a80-cf313469e317}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{15c47271-bd09-4b83-8714-0cd62d70517f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 6BE9965B)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\manat\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2124 octets] - [28/11/2020 13:34:11]
AdwCleaner[S01].txt - [2185 octets] - [28/11/2020 13:35:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

OK. Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2020
Ran by manat (administrator) on LAPTOP-EJO9GE0M (LENOVO 81LK) (29-11-2020 08:17:13)
Running from C:\Users\manat\Desktop
Loaded Profiles: manat
Platform: Windows 10 Home Version 1909 18363.1198 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_12bdb8127c4c0458\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_d2a0453c62b3b51a\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_cf6c24843162da87\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\manat\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\upfc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117344 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [707416 2018-01-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\Policies\Explorer: []
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.198\Installer\chrmstp.exe [2020-11-14] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-14] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {07D34AD6-F5C3-4742-828C-1135F4944EE6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-11-27] (Avast Software s.r.o. -> Avast Software)
Task: {1258079C-2638-4701-B45C-D7FBEDF810CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {14AC2434-9952-4061-8AD6-506804EFB996} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {15CAD0F2-D7E3-4E32-A02D-A556CE219608} - \Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e -> No File <==== ATTENTION
Task: {1D6D954E-3337-4B0B-8ECA-F5874FA1AEAA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {33B23D48-DB08-4E37-9594-0033FEB001E2} - \Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038 -> No File <==== ATTENTION
Task: {502D49D2-0EB4-4574-8630-A88A2387F20E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {522003F2-A919-4976-AF94-4BEAE88589D9} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
Task: {59453969-B8BB-4D90-9A8A-1BD4137645F6} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4617832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {62505FDD-CC2A-4868-8989-0FC482CF1F7F} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {650BF75D-122E-4E89-86E4-D94DF90B44DB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {68D01FC4-7D46-4330-8D36-36FA805B5665} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E28E007-CB8E-4211-A231-724C5857631C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {71D9C2C1-A6FC-479F-8643-F1A845983088} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654136 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {749C2744-C751-49C7-9930-5844A0589C09} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {7B279985-AE0B-4EAB-8775-40B25E58A631} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B887509-0B0B-4E5D-A843-6CB1930388EF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {808107DE-9076-4DD6-B917-3492245B36E9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {900D676A-7846-4001-B203-F1A87E53A197} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99025F4A-3920-4408-A58C-1E5E8CEBA22F} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A8ED2F56-07E8-4CC2-BE38-E9F0D5B15BF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22939528 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B10CB270-1A6F-472C-919D-CF000621474C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {B4C9C929-2BE1-42E3-9EDF-76BC3532E25D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {CA40B1FE-169E-4034-B44E-07F65EF3A66C} - \Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1 -> No File <==== ATTENTION
Task: {E3877A3B-ACA4-426E-8968-E24AE9613E2F} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {E3AD4D61-9581-4649-BB47-AAC348AAEF79} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302384 2019-09-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F7FC150B-1CB5-4DA9-90C3-C68516A27420} - \Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97 -> No File <==== ATTENTION
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {FFF71F57-127C-45A4-895D-740065EF74CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{205fb23d-5c4f-47c4-8d5c-746dd8aecaef}: [DhcpNameServer] 150.208.1.2
Tcpip\..\Interfaces\{cecc4a96-b218-4a70-a65c-ae99f1919f1e}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Edge:
======
Edge Profile: C:\Users\manat\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-27]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default [2020-11-29]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-02]
CHR Extension: (Dokumenty) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-02]
CHR Extension: (Disk Google) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02]
CHR Extension: (YouTube) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-02]
CHR Extension: (Tabulky) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-02]
CHR Extension: (Gmail) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\manat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2018-01-11] (Autodesk, Inc. -> Autodesk Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8454552 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [365648 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [3096160 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [58048 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9057136 2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-01] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332368 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97352 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16816 2020-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176744 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521752 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326416 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-29 08:17 - 2020-11-29 08:17 - 000022904 _____ C:\Users\manat\Desktop\FRST.txt
2020-11-28 13:51 - 2020-11-28 13:51 - 000000000 ____D C:\Users\manat\AppData\Local\D3DSCache
2020-11-28 13:51 - 2020-11-28 13:51 - 000000000 ____D C:\ProgramData\FLEXnet
2020-11-28 13:46 - 2020-11-28 13:51 - 000000000 ____D C:\Users\manat\AppData\Local\Autodesk
2020-11-28 13:46 - 2020-11-28 13:46 - 000002198 _____ C:\Users\Public\Desktop\AutoCAD 2019 – Čeština (Czech).lnk
2020-11-28 13:46 - 2020-11-28 13:46 - 000000000 ____D C:\Program Files (x86)\Autodesk
2020-11-28 13:45 - 2020-11-28 13:51 - 000000000 ____D C:\Users\manat\AppData\Roaming\Autodesk
2020-11-28 13:45 - 2020-11-28 13:45 - 000000000 ____D C:\Program Files\Common Files\Macrovision Shared
2020-11-28 13:44 - 2020-11-28 13:46 - 000000000 ____D C:\Program Files\Autodesk
2020-11-28 13:44 - 2020-11-28 13:45 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2020-11-28 13:43 - 2020-11-28 13:55 - 000000000 ____D C:\ProgramData\Autodesk
2020-11-28 13:42 - 2020-11-28 13:42 - 000000000 ____D C:\Users\manat\AppData\Roaming\WinRAR
2020-11-28 13:42 - 2020-11-28 13:42 - 000000000 ____D C:\Program Files\WinRAR
2020-11-28 13:41 - 2020-11-28 13:42 - 003417584 _____ C:\Users\manat\Downloads\winrar-x64-591cz.exe
2020-11-28 13:33 - 2020-11-28 13:36 - 000000000 ____D C:\AdwCleaner
2020-11-28 13:33 - 2020-11-28 13:33 - 008447152 _____ (Malwarebytes) C:\Users\manat\Downloads\adwcleaner_8.0.8.exe
2020-11-27 14:47 - 2020-11-29 08:17 - 000000000 ____D C:\FRST
2020-11-27 14:47 - 2020-11-27 14:47 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-11-27 14:47 - 2020-11-27 14:47 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-11-27 14:47 - 2020-11-27 14:47 - 000002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-11-27 14:47 - 2020-11-27 14:47 - 000000000 ____D C:\Users\manat\AppData\Local\AVAST Software
2020-11-27 14:46 - 2020-11-27 14:46 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2020-11-27 14:46 - 2020-11-27 14:46 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2020-11-27 14:46 - 2020-11-27 14:46 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2020-11-27 14:44 - 2020-11-27 14:44 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-11-27 14:44 - 2020-11-27 14:44 - 000000000 ____D C:\Users\manat\AppData\Roaming\Avast Software
2020-11-27 14:43 - 2020-11-29 08:16 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-11-27 14:43 - 2020-11-27 14:44 - 000220784 _____ (AVAST Software) C:\Users\manat\Downloads\avast_free_antivirus_setup_online (2).exe
2020-11-27 14:43 - 2020-11-27 14:43 - 002290176 _____ (Farbar) C:\Users\manat\Downloads\FRST64.exe
2020-11-27 14:43 - 2020-11-27 14:43 - 002290176 _____ (Farbar) C:\Users\manat\Desktop\FRST64.exe
2020-11-27 14:43 - 2020-11-27 14:43 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000521752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000469832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000339552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-11-27 14:43 - 2020-11-27 14:43 - 000332368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000326416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000206408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000176744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000097352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000016816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-11-27 14:43 - 2020-11-27 14:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-11-27 14:43 - 2020-11-27 14:43 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2020-11-27 14:42 - 2020-11-27 14:48 - 000000000 ____D C:\ProgramData\Avast Software
2020-11-27 14:42 - 2020-11-27 14:42 - 000220784 _____ (AVAST Software) C:\Users\manat\Downloads\avast_free_antivirus_setup_online (1).exe
2020-11-27 14:42 - 2020-11-27 14:42 - 000000000 ____D C:\Program Files\Avast Software
2020-11-27 09:35 - 2020-11-28 13:34 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F82A5C71-8D1B-4A77-9455-5B7E4D7F95F7}
2020-11-23 19:28 - 2020-11-23 20:47 - 821810346 _____ C:\Users\manat\Downloads\Slunečná 65. Mafiánská konkubína 100%.mkv
2020-11-18 14:36 - 2020-11-18 15:35 - 638879951 _____ C:\Users\manat\Downloads\Slunečná 64 - Nepřítel na telefonu.mp4
2020-11-14 14:17 - 2020-11-24 14:20 - 000001849 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2020-11-14 14:17 - 2020-11-14 14:17 - 000000303 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2020-11-14 14:13 - 2020-11-14 15:12 - 641489258 _____ C:\Users\manat\Downloads\Slunečná 63-Návrat desperáta.mp4
2020-11-12 17:18 - 2020-11-12 17:53 - 637116328 _____ C:\Users\manat\Downloads\Slunečná 62-Studna.mp4
2020-11-11 15:22 - 2020-11-11 16:22 - 1081169649 _____ C:\Users\manat\Downloads\Slunečná 61 - Velké stěhování.mp4
2020-11-11 00:08 - 2020-11-11 00:08 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-11 00:08 - 2020-11-11 00:08 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-11 00:08 - 2020-11-11 00:08 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-11 00:08 - 2020-11-11 00:08 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-11-11 00:08 - 2020-11-11 00:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-11-05 17:46 - 2020-11-05 17:46 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2020-11-04 14:27 - 2020-11-04 15:37 - 753142082 _____ C:\Users\manat\Downloads\Slunečná 60-Lži a intriky.mp4
2020-11-03 18:24 - 2020-11-21 06:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-11-03 18:24 - 2020-11-11 00:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-03 14:15 - 2020-11-03 14:15 - 000000000 ____D C:\Program Files\UNP
2020-11-03 00:31 - 2015-04-28 19:06 - 000043256 _____ C:\WINDOWS\system32\oemlogo.bmp
2020-11-03 00:30 - 2020-11-05 17:46 - 000000000 ____D C:\Windows.old
2020-11-03 00:30 - 2020-11-03 00:30 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2020-11-03 00:29 - 2020-11-03 00:29 - 000000000 ____D C:\WINDOWS\system32\Intel
2020-11-03 00:29 - 2020-11-03 00:29 - 000000000 ____D C:\WINDOWS\system32\cAVS
2020-11-03 00:28 - 2020-11-28 13:36 - 000000000 ____D C:\WINDOWS\Lenovo
2020-11-03 00:27 - 2020-11-03 00:27 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2020-11-03 00:27 - 2020-11-03 00:27 - 000000000 ____D C:\WINDOWS\Setup
2020-11-03 00:26 - 2020-11-28 13:54 - 000685020 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-03 00:26 - 2020-11-28 13:54 - 000137706 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-03 00:26 - 2020-11-03 00:26 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2020-11-03 00:26 - 2020-11-03 00:26 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\winrm
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\slmgr
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\cs
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\0409
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\DigitalLocker
2020-11-03 00:26 - 2020-11-03 00:26 - 000000000 ____D C:\ProgramData\ssh
2020-11-03 00:26 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2020-11-03 00:26 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\system32\WCN
2020-11-03 00:26 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\OCR
2020-11-03 00:25 - 2020-10-06 01:13 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-11-03 00:25 - 2020-10-06 01:13 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-03 00:24 - 2020-11-28 13:54 - 000000000 ____D C:\WINDOWS\INF
2020-11-03 00:24 - 2020-11-28 13:50 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-03 00:24 - 2020-11-28 13:46 - 000000000 ___RD C:\Program Files (x86)
2020-11-03 00:24 - 2020-11-28 13:44 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-11-03 00:24 - 2020-11-28 13:35 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-03 00:24 - 2020-11-28 13:34 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-03 00:24 - 2020-11-27 14:44 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\TextInput
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-03 00:24 - 2020-11-11 02:06 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-03 00:24 - 2020-11-08 16:11 - 000000000 ____D C:\WINDOWS\appcompat
2020-11-03 00:24 - 2020-11-03 00:30 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2020-11-03 00:24 - 2020-11-03 00:30 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ___SD C:\WINDOWS\system32\dsc
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\system32\Com
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\WINDOWS\Help
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\Program Files\Windows Defender
2020-11-03 00:24 - 2020-11-03 00:26 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 __SHD C:\Program Files\Windows Sidebar
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 __RSD C:\WINDOWS\Media
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\system32\Nui
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Web
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\WaaS
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Vss
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\tracing
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\TAPI
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SystemApps
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\winevt
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ti-et
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ta-in
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\si-lk
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ras
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\my-mm
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Keywords
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\IME
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\icsxml
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ias
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\DriverState
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\downlevel
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\am-et
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\System
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SKB
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\schemas
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\SchCache
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\security
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Resources
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\rescache
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\PLA
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Performance
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\ModemLogs
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\L2Schemas
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\InputMethod
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\IdentityCRL
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Globalization
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Cursors
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Containers
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\Branding
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\addins
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\ProgramData\USOShared
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Windows Security
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Windows Portable Devices
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files\Common Files\Services
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files (x86)\Windows NT
2020-11-03 00:24 - 2020-11-03 00:24 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2020-11-03 00:24 - 2020-11-03 00:23 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2020-11-03 00:24 - 2020-11-03 00:23 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2020-11-03 00:24 - 2020-11-03 00:23 - 000018903 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-03 00:24 - 2020-11-03 00:23 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2020-11-03 00:24 - 2020-11-03 00:23 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2020-11-03 00:24 - 2020-11-03 00:23 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2020-11-03 00:24 - 2020-11-03 00:23 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2020-11-03 00:24 - 2020-11-03 00:23 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2020-11-03 00:24 - 2020-11-03 00:23 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2020-11-03 00:24 - 2020-11-02 16:04 - 000000000 ____D C:\WINDOWS\ServiceState
2020-11-03 00:24 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\system32\spool
2020-11-03 00:24 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-11-03 00:24 - 2020-11-02 15:41 - 000000000 ____D C:\Program Files\Windows NT
2020-11-03 00:24 - 2020-11-02 15:40 - 000000000 __RHD C:\Users\Public\Libraries
2020-11-03 00:24 - 2020-11-02 15:40 - 000000000 ____D C:\WINDOWS\Registration
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-03 00:24 - 2020-11-02 15:37 - 000000000 ____D C:\WINDOWS\IME
2020-11-03 00:24 - 2020-11-02 15:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-11-03 00:24 - 2020-11-02 15:36 - 000000000 ____D C:\Program Files\Common Files\System
2020-11-03 00:24 - 2020-11-02 15:36 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-11-03 00:24 - 2020-11-02 15:35 - 000000000 ____D C:\ProgramData\USOPrivate
2020-11-03 00:24 - 2020-11-02 15:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2020-11-03 00:24 - 2020-11-02 15:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2020-11-03 00:21 - 2020-11-28 13:49 - 098566144 _____ C:\WINDOWS\system32\config\SOFTWARE
2020-11-03 00:21 - 2020-11-28 13:49 - 030932992 _____ C:\WINDOWS\system32\config\SYSTEM
2020-11-03 00:21 - 2020-11-28 13:49 - 000786432 _____ C:\WINDOWS\system32\config\DEFAULT
2020-11-03 00:21 - 2020-11-28 13:49 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-03 00:21 - 2020-11-28 13:49 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2020-11-03 00:21 - 2020-11-28 13:49 - 000032768 _____ C:\WINDOWS\system32\config\SAM
2020-11-03 00:21 - 2020-11-27 14:44 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2020-11-03 00:21 - 2020-11-11 00:11 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-03 00:21 - 2020-11-03 18:24 - 000000000 ____D C:\WINDOWS\servicing
2020-11-03 00:21 - 2020-11-03 00:24 - 000000000 ____D C:\WINDOWS\system32\SMI
2020-11-03 00:21 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\Panther
2020-11-02 16:04 - 2020-11-02 16:04 - 000000000 ____D C:\Users\manat\AppData\Local\Comms
2020-11-02 15:56 - 2020-11-18 17:15 - 000000000 ____D C:\WINDOWS\TempInst
2020-11-02 15:53 - 2020-11-14 14:13 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-02 15:53 - 2020-11-14 14:13 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-02 15:53 - 2020-11-02 15:56 - 000000000 ____D C:\Users\manat\AppData\Local\Google
2020-11-02 15:53 - 2020-11-02 15:53 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-02 15:53 - 2020-11-02 15:53 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-02 15:53 - 2020-11-02 15:53 - 000000000 ____D C:\Program Files\Google
2020-11-02 15:53 - 2020-11-02 15:53 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-02 15:52 - 2020-11-02 15:52 - 001317080 _____ (Google LLC) C:\Users\manat\Downloads\ChromeSetup.exe
2020-11-02 15:50 - 2020-11-28 13:36 - 000000000 ____D C:\Users\manat\AppData\Local\Lenovo
2020-11-02 15:50 - 2020-11-03 16:26 - 000000000 ____D C:\Users\manat\AppData\Local\PlaceholderTileLogoFolder
2020-11-02 15:50 - 2020-11-02 15:50 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4210255883-2599605577-1647361875-1001
2020-11-02 15:49 - 2020-11-02 15:49 - 000000000 ____D C:\Users\manat\AppData\Local\CEF
2020-11-02 15:49 - 2020-11-02 15:49 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2020-11-02 15:48 - 2020-11-02 16:06 - 000000000 ____D C:\ProgramData\Packages
2020-11-02 15:48 - 2020-11-02 16:05 - 000000000 ____D C:\Users\manat\AppData\Local\Publishers
2020-11-02 15:47 - 2020-11-28 13:54 - 001606102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-02 15:47 - 2020-11-03 16:27 - 000000000 ____D C:\Users\manat\AppData\Local\Intel
2020-11-02 15:47 - 2020-11-03 16:26 - 000000000 ____D C:\Users\manat\AppData\Local\ConnectedDevicesPlatform
2020-11-02 15:47 - 2020-11-03 14:15 - 000000000 ____D C:\Users\manat\AppData\Local\NVIDIA Corporation
2020-11-02 15:47 - 2020-11-02 17:48 - 000000000 ____D C:\Users\manat\AppData\Local\Packages
2020-11-02 15:47 - 2020-11-02 15:47 - 000000020 ___SH C:\Users\manat\ntuser.ini
2020-11-02 15:47 - 2020-11-02 15:47 - 000000000 ____D C:\Users\manat\AppData\Roaming\Adobe
2020-11-02 15:47 - 2020-11-02 15:47 - 000000000 ____D C:\Users\manat\AppData\Local\VirtualStore
2020-11-02 15:45 - 2020-11-02 15:45 - 000000000 ____D C:\WINDOWS\minidump
2020-11-02 15:41 - 2020-11-28 13:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-02 15:41 - 2020-11-14 14:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-11-02 15:41 - 2020-11-02 15:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-02 15:41 - 2020-11-02 15:41 - 000003554 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2020-11-02 15:41 - 2020-11-02 15:41 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b125465b5fd6
2020-11-02 15:41 - 2020-11-02 15:41 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4210255883-2599605577-1647361875-500
2020-11-02 15:41 - 2020-11-02 15:41 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Šablony
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Poslední
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Okolní síť
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Dokumenty
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Šablony
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Poslední
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\Default User
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\Users\All Users
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Šablony
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Plocha
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Dokumenty
2020-11-02 15:41 - 2020-11-02 15:41 - 000000000 _SHDL C:\ProgramData\Data aplikací
2020-11-02 15:41 - 2019-11-23 04:56 - 000002852 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-976940842-2883749116-2420433773-500
2020-11-02 15:41 - 2019-10-17 05:12 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3354727278-81800435-1074778100-500
2020-11-02 15:38 - 2020-11-11 14:15 - 000000000 ____D C:\Users\manat
2020-11-02 15:38 - 2020-11-02 15:50 - 000002376 _____ C:\Users\manat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Šablony
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Soubory cookie
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Poslední
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Okolní tiskárny
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Okolní síť
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Nabídka Start
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Dokumenty
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Documents\Obrázky
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Documents\Hudba
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Documents\Filmy
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\Data aplikací
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2020-11-02 15:38 - 2020-11-02 15:38 - 000000000 _SHDL C:\Users\manat\AppData\Local\Data aplikací
2020-11-02 15:34 - 2020-11-27 09:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-02 15:33 - 2020-11-28 13:49 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2020-11-02 15:33 - 2020-11-02 17:39 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-11-02 15:33 - 2020-11-02 15:51 - 000000000 ____D C:\ProgramData\Lenovo
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\ProgramData\Realtek
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 ____D C:\Program Files\Common Files\Dolby
2020-11-02 15:33 - 2020-11-02 15:33 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2020-11-02 15:31 - 2020-11-29 08:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-02 15:31 - 2020-11-28 13:49 - 000532656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-02 15:16 - 2020-11-03 00:31 - 000000000 ___HD C:\$SysReset
2020-11-01 17:31 - 2020-11-01 19:25 - 1201435150 _____ C:\Users\manat\Desktop\Přes prsty 2019 CZ Dabing Cesky film komedie romanticke (kkk).avi
2020-10-31 19:51 - 2020-10-31 20:34 - 766965950 _____ C:\Users\manat\Downloads\Slunečná 59-Živý nebo mrtvý.mp4
2020-10-31 18:47 - 2020-10-31 19:50 - 646329840 _____ C:\Users\manat\Downloads\Slunečná 58 (bob).mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-28 13:51 - 2019-11-23 06:12 - 000000000 ____D C:\ProgramData\NVIDIA
2020-11-28 13:49 - 2020-03-26 02:02 - 000000000 __SHD C:\Users\manat\IntelGraphicsProfiles
2020-11-28 13:46 - 2020-03-25 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap Photo
2020-11-28 13:46 - 2020-03-25 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2020-11-28 13:46 - 2020-03-25 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2019 – Čeština (Czech)
2020-11-28 13:46 - 2020-03-25 10:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2020-11-28 13:44 - 2019-11-23 06:08 - 000000000 ____D C:\ProgramData\Package Cache
2020-11-28 13:42 - 2020-03-25 10:18 - 000000000 ____D C:\Users\manat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-28 13:42 - 2020-03-25 10:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-11-28 13:37 - 2020-03-26 02:04 - 000000000 ___RD C:\Users\manat\OneDrive
2020-11-28 13:36 - 2019-11-23 06:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\Lenovo
2020-11-28 13:36 - 2019-11-23 06:00 - 000000000 ____D C:\Program Files\Lenovo
2020-11-28 13:36 - 2019-11-23 06:00 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-11-15 16:12 - 2019-11-23 06:02 - 000000000 ____D C:\Program Files\Microsoft Office
2020-11-11 02:07 - 2020-03-26 02:02 - 000000000 ___RD C:\Users\manat\3D Objects
2020-11-11 02:07 - 2019-10-17 05:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-11-04 17:31 - 2020-09-16 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-11-04 17:31 - 2019-11-23 06:04 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002424 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-11-04 17:31 - 2019-11-23 06:04 - 000002412 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-11-03 16:27 - 2019-11-23 06:10 - 000000000 ____D C:\ProgramData\Intel
2020-11-02 15:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-11-02 15:37 - 2019-11-23 06:20 - 000000000 ____D C:\ProgramData\McInstTemp0161681574486451
2020-11-02 15:37 - 2019-11-23 06:14 - 000000000 ____D C:\ProgramData\McInstTemp0149631574486082
2020-11-02 15:37 - 2019-11-23 06:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2020-11-02 15:36 - 2019-11-23 06:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-11-02 15:36 - 2019-11-23 06:11 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-11-02 15:36 - 2019-11-23 06:08 - 000000000 ____D C:\Program Files\Intel
2020-11-02 15:36 - 2019-11-23 06:02 - 000000000 ____D C:\Program Files\Microsoft Office 15
2020-11-02 15:36 - 2019-10-07 03:51 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2020-11-02 15:35 - 2019-11-23 06:08 - 000000000 ____D C:\DRIVER
2020-11-02 15:35 - 2019-11-23 06:03 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2020-11-02 15:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2020-11-02 15:33 - 2019-11-23 06:10 - 000000000 ___HD C:\Intel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2020
Ran by manat (29-11-2020 08:18:26)
Running from C:\Users\manat\Desktop
Windows 10 Home Version 1909 18363.1198 (X64) (2020-11-02 14:45:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4210255883-2599605577-1647361875-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4210255883-2599605577-1647361875-503 - Limited - Disabled)
Guest (S-1-5-21-4210255883-2599605577-1647361875-501 - Limited - Disabled)
manat (S-1-5-21-4210255883-2599605577-1647361875-1001 - Administrator - Enabled) => C:\Users\manat
WDAGUtilityAccount (S-1-5-21-4210255883-2599605577-1647361875-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2019 Object Enabler (HKLM\...\{28B89EEF-2004-0000-5102-CF3F3A09B77D}) (Version: 8.1.44.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-2001-0000-3102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 – Čeština (Czech) (HKLM\...\{28B89EEF-2001-0405-2102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 (HKLM\...\{28B89EEF-2001-0000-0102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
AutoCAD 2019 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-2001-0405-1102-CF3F3A09B77D}) (Version: 23.0.46.0 - Autodesk) Hidden
Autodesk App Manager 2016-2019 (HKLM-x32\...\{C1BF29A7-2D9E-4E8D-A3C1-02F6B20B8AB7}) (Version: 2.5.0 - Autodesk)
Autodesk AutoCAD 2019 – Čeština (Czech) (HKLM\...\AutoCAD 2019 – Čeština (Czech)) (Version: 23.0.46.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.3.0 (HKLM-x32\...\{448BC38C-2654-48CD-BB43-F59A37854A3E}) (Version: 1.3.0.0 - Autodesk)
Autodesk License Service (x64) - 7.1.4 (HKLM\...\{F53D6D10-7A75-4A39-8C53-A3D855C7C50A}) (Version: 7.1.4.0 - Autodesk)
Autodesk Material Library 2019 (HKLM-x32\...\{8F69EE2C-DC34-4746-9B47-7511147BD4B0}) (Version: 17.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2019 (HKLM-x32\...\{3AAA4C1B-51DA-487D-81A3-4234DBB9A8F9}) (Version: 17.11.3.0 - Autodesk)
Autodesk ReCap (HKLM\...\{50EDF910-0000-1033-0102-E3D118CE2EEA}) (Version: 5.0.0.40 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap 360) (Version: 5.0.0.40 - Autodesk)
Autodesk ReCap Photo (HKLM\...\{0E4FA9C0-0000-1033-0102-1B3A7F15D307}) (Version: 19.0.0.38 - Autodesk) Hidden
Autodesk ReCap Photo (HKLM\...\Autodesk ReCap Photo) (Version: 19.0.0.38 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6938.199 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
FARO LS 1.1.700.0 (64bit) (HKLM-x32\...\{FF6E9382-0B85-48DE-888F-76EFD9A87038}) (Version: 7.0.0.23 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.47 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.105 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.105 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.8.78 - Autodesk)
Speciální aplikace Autodesk 2016-2019 (HKLM-x32\...\{79F5747D-A961-4CCD-88B0-41F004D79AEB}) (Version: 2.5.0 - Autodesk)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2020-11-03] (Dolby Laboratories)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-28] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\e0469640.lenovoutility_3.1.18.0_x64__5grkq8ppsgwt4 [2020-11-03] (LENOVO INC) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\nvidiacorp.nvidiacontrolpanel_8.1.958.0_x64__56jybvy8sckqj [2020-11-03] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt [2020-11-14] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2020-11-03] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0 [2020-11-14] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001_Classes\CLSID\{4AC6DFE1-607B-45B2-B289-D7FBCD44169C}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2019\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2019\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2018-06-07] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2018-06-07] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_6de98d46a9fc896b\nvshext.dll [2020-07-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-14 14:16 - 2020-11-14 14:17 - 041670144 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2970.0_x64__8j3eq9eme6ctt\IGCC.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-11-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\lenovowallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ADFB8126-6470-4FCE-AA9F-410AE2021D88}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82FC8EA8-EAA6-4C96-BE48-372B1E7A598B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A0E2566-34A2-4EC4-8A2E-FD945934E1BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E9F8F22A-4BAB-4877-BFF3-20861ED82755}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D8261C8D-8134-4689-B5A2-6EE23B1BAB48}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{995882DB-AB23-4855-AB9B-ED962B753D55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A9385B2-0FF3-4FE5-9DF0-CEA9ACC9D5EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E29AA788-E741-48FF-8A41-388C762C283B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DEDC0562-2FD4-42BB-8FFA-B24676719936}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0BEBBDEF-4C2A-4CD6-9789-B348072CCB2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C77D9DB7-3F53-439D-A521-77E8B3F5B153}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84A5FB42-674B-4885-973F-B1AB6836701D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{238BA159-7F0C-4532-ADDC-054E9138B04B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1F4F9E1E-5CFB-47A2-9F81-C1540B13BB68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5190BF6-10CD-4F16-B98A-07ACD9192224}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7464599E-7DA1-4E6D-9AB1-72410A561439}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.146.916.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B6D40FD-6A01-4548-AF94-AC9CA34571E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F68AA80-3C7E-46E1-AE90-A97471A44C43}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{063A0BC7-4BF6-4F40-BB6C-462DE576C44A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB4CBE5E-C4C8-40A5-9C34-7296865CA27B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9EBE40B8-0531-4803-9FDC-A9FF171BA7B7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

08-11-2020 17:40:53 Naplánovaný kontrolní bod
19-11-2020 05:52:16 Naplánovaný kontrolní bod
27-11-2020 09:54:46 Naplánovaný kontrolní bod
28-11-2020 13:36:13 AdwCleaner_BeforeCleaning_28/11/2020_13:36:13

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/28/2020 02:07:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5024,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/28/2020 01:57:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3808,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (11/28/2020 01:49:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/28/2020 01:49:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/28/2020 01:36:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (11/28/2020 02:04:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 02:02:27 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1040) (User: LAPTOP-EJO9GE0M)
Description: Jazykovou sadu pro sk-SK nelze odinstalovat, protože není nainstalována.

Error: (11/28/2020 01:50:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:50:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:49:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:49:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImControllerService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:38:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/28/2020 01:37:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================

Date: 2020-11-29 08:17:04.011
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-11-29 08:16:58.460
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-29 08:16:58.459
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-11-29 08:16:53.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.717
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.615
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.597
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-11-29 08:16:53.573
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO BGCN24WW 08/19/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 49%
Total physical RAM: 8072.24 MB
Available physical RAM: 4054.41 MB
Total Virtual: 9352.24 MB
Available Virtual: 4266.54 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:358.96 GB) NTFS
Drive d: (KINGSTON) (Removable) (Total:28.85 GB) (Free:3.34 GB) NTFS

\\?\Volume{cf1e6b02-72a1-4864-8a80-cf313469e317}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{15c47271-bd09-4b83-8714-0cd62d70517f}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 6BE9965B)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 46C7C999)
Partition 1: (Active) - (Size=28.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {15CAD0F2-D7E3-4E32-A02D-A556CE219608} - \Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e -> No File <==== ATTENTION
Task: {33B23D48-DB08-4E37-9594-0033FEB001E2} - \Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038 -> No File <==== ATTENTION
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {CA40B1FE-169E-4034-B44E-07F65EF3A66C} - \Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1 -> No File <==== ATTENTION
Task: {F7FC150B-1CB5-4DA9-90C3-C68516A27420} - \Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97 -> No File <==== ATTENTION
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-11-2020
Ran by manat (30-11-2020 13:17:54) Run:1
Running from C:\Users\manat\Desktop
Loaded Profiles: manat
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> DefaultScope {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
SearchScopes: HKU\S-1-5-21-4210255883-2599605577-1647361875-1001 -> {FE2CC469-496B-414C-9EEE-6D6BD044CF33} URL =
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00F08D73-6153-46E5-BF0B-B7175E33AE61} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {15CAD0F2-D7E3-4E32-A02D-A556CE219608} - \Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e -> No File <==== ATTENTION
Task: {33B23D48-DB08-4E37-9594-0033FEB001E2} - \Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038 -> No File <==== ATTENTION
Task: {7A997971-2F05-4A07-BFCC-64C69AB1CDD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {8EACC801-0F5D-4523-A928-E92F0B68D7E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-02] (Google LLC -> Google LLC)
Task: {CA40B1FE-169E-4034-B44E-07F65EF3A66C} - \Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1 -> No File <==== ATTENTION
Task: {F7FC150B-1CB5-4DA9-90C3-C68516A27420} - \Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97 -> No File <==== ATTENTION
Task: {FC5660CA-73DD-4F1C-A95E-6AA417D47074} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {FF83E879-821A-42C0-AB8B-700375588F5C} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FE2CC469-496B-414C-9EEE-6D6BD044CF33} => removed successfully
"HKU\S-1-5-21-4210255883-2599605577-1647361875-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00F08D73-6153-46E5-BF0B-B7175E33AE61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00F08D73-6153-46E5-BF0B-B7175E33AE61}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15CAD0F2-D7E3-4E32-A02D-A556CE219608}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15CAD0F2-D7E3-4E32-A02D-A556CE219608}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6a455f56-dd39-4448-a278-55bb50cacf9e" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33B23D48-DB08-4E37-9594-0033FEB001E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33B23D48-DB08-4E37-9594-0033FEB001E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\97f7be51-0a07-414e-9a57-ea96b24ba038" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A997971-2F05-4A07-BFCC-64C69AB1CDD4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A997971-2F05-4A07-BFCC-64C69AB1CDD4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8EACC801-0F5D-4523-A928-E92F0B68D7E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EACC801-0F5D-4523-A928-E92F0B68D7E2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA40B1FE-169E-4034-B44E-07F65EF3A66C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA40B1FE-169E-4034-B44E-07F65EF3A66C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\973b7550-c72e-4ea2-aaf6-6fc0648775c1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7FC150B-1CB5-4DA9-90C3-C68516A27420}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7FC150B-1CB5-4DA9-90C3-C68516A27420}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\304aa98c-fa99-48c3-9305-437f8bf21f97" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC5660CA-73DD-4F1C-A95E-6AA417D47074}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC5660CA-73DD-4F1C-A95E-6AA417D47074}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF83E879-821A-42C0-AB8B-700375588F5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF83E879-821A-42C0-AB8B-700375588F5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19066238 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 12087616 B
Edge => 0 B
Chrome => 503531239 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 501671 B
systemprofile32 => 501671 B
LocalService => 546165 B
NetworkService => 546165 B
manat => 462225322 B

RecycleBin => 21413970709 B
EmptyTemp: => 20.9 GB temporary data Removed.

================================

Smazáno. Ještě ručně smažte tento soubor: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat

Hotovo, paráda... Děkuji

Nemáte zač!