VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

nabourání e-mailu

https://forum.viry.cz:443/viewtopic.php?t=157997

Stránka 1 z 1

nabourání e-mailu

Napsal: 28 bře 2021 13:43
od wemika
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021
Ran by veron (administrator) on LAPTOP-S2PRM5CN (LENOVO 81YQ) (28-03-2021 14:30:14)
Running from C:\Users\veron\Desktop
Loaded Profiles: veron
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361383.inf_amd64_cfccffda602342c4\B361368\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361383.inf_amd64_cfccffda602342c4\B361368\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\veron\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_274b8a1dabbd8d3a\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\veron\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\drivers\SessionService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.166.1.16\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.166.1.16\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Overwolf Ltd -> Overwolf LTD) C:\Users\veron\AppData\Local\Overwolf\ProcessCache\0.166.1.16\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_711600cb280d10fd\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_711600cb280d10fd\RtkAudUService64.exe [1195312 2020-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4087528 2021-03-23] (Valve -> Valve Corporation)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1746776 2021-02-26] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Run: [AvastBrowserAutoLaunch_33021BB372CE2E37D872A10418B3B481] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8688.91\Installer\chrmstp.exe [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DD857B9-EAB3-45E1-B54D-6C8F61A92BA5} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
Task: {18094DDD-C758-46CA-A587-76A008AA04D7} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758536 2018-03-26] (Lenovo -> )
Task: {1B459F34-0F23-4E09-A7DD-5A9F530AF8FA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f6b87b56-65f7-4087-9fe3-bb5f38bb73fd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {1DBDFA73-6375-42A9-8F3D-10FD585B1172} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {35B88544-0577-4CFC-ADC6-87A00C06FCA3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
Task: {380C7684-886A-40A5-9DAB-D5ECB5B69FE3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2250232 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
Task: {487304C2-8744-4405-BF5B-F47A23F48781} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {51E53A1F-E3E7-45D8-B3B5-EFC0F320CD1F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d535c209-ad10-43db-a297-0bbecee6b22c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {55F00776-1AB2-412F-8D3A-AEB09C0BCCE8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\24feb4ec-f9d7-4d9f-97e6-5a8037160303 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {5DDF4FBD-CD7D-4E91-94CA-3C46ED11A62C} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
Task: {5E8BB1D6-4DD3-473E-8F2F-E56C43CFAC1A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {65919A8B-FE4F-43AA-A4BD-01D9C8DDB41F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a3e0ab09-17e8-4aa7-a205-c4607dc7c753 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {7D0E5855-10A5-4CD1-863C-E95565447DB8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1511320 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {841F4C79-CF5B-4745-B8B7-EE7A6577473F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {8E51D163-33C6-41F3-8E2A-891EAE80443C} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {97A0341F-F3D0-42DD-8BBF-41014ED94FCE} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
Task: {9942A79F-D531-4BD8-9526-3E403C94B27F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B46E089C-6311-4BDE-8F37-0FB12E32109F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C6287EE5-582E-474B-BA17-C6DDF434AD19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {C760C84C-3971-419A-B45A-64B65D2BB457} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {CA2DC4FA-359D-4332-94E5-A9302BBEB3C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC513A9F-7A19-4A73-9799-818CC8158629} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758536 2018-03-26] (Lenovo -> )
Task: {E3DDBC8A-0198-4CB1-9B13-DC9637878F53} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62368 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {ED7A08A9-F325-4854-90B0-1174E9010023} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2494078391-1676477522-3798027442-1001 => C:\Users\veron\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87848 2021-01-22] (Lenovo (Beijing) Limited -> Lenovo Group Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{fb0d92b8-23a8-4db5-98d0-9981c6bf3364}: [DhcpNameServer] 150.205.1.2

Edge:
=======
DownloadDir: C:\Users\veron\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> hxxp://seznam.cz/
Edge Notifications: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> hxxps://www.kosik.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\veron\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-28]
Edge DownloadDir: C:\Users\veron\Downloads
Edge Notifications: Default -> hxxps://teams.microsoft.com; hxxps://www.kosik.cz
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"

FireFox:
========
FF DefaultProfile: 1uopm31j.default
FF ProfilePath: C:\Users\veron\AppData\Roaming\Mozilla\Firefox\Profiles\1uopm31j.default [2020-11-07]
FF ProfilePath: C:\Users\veron\AppData\Roaming\Mozilla\Firefox\Profiles\cwwvv04f.default-release [2021-03-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8688.91\elevation_service.exe [1504864 2021-03-15] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [364928 2020-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_274b8a1dabbd8d3a\LenovoUtilityService.exe [529216 2020-05-20] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1808920 2020-04-25] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [952992 2021-03-26] (McAfee, LLC -> McAfee, LLC)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2491736 2021-02-26] (Overwolf Ltd -> Overwolf LTD)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_711600cb280d10fd\RtkAudUService64.exe [1195312 2020-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SessionSvc; C:\WINDOWS\System32\drivers\SessionService.exe [28296 2020-03-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181072 2019-07-22] (GENESYS LOGIC, INC. -> Genesys Logic)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-28 14:30 - 2021-03-28 14:30 - 000019046 _____ C:\Users\veron\Desktop\FRST.txt
2021-03-28 14:29 - 2021-03-28 14:30 - 000000000 ____D C:\FRST
2021-03-28 14:28 - 2021-03-28 14:27 - 002298368 _____ (Farbar) C:\Users\veron\Desktop\FRST64.exe
2021-03-28 14:26 - 2021-03-28 14:27 - 002298368 _____ (Farbar) C:\Users\veron\Downloads\FRST64.exe
2021-03-28 14:20 - 2021-03-28 14:22 - 000000000 ____D C:\ProgramData\McInstTemp0235451616934056
2021-03-28 13:54 - 2021-03-28 13:54 - 006341552 _____ (ESET) C:\Users\veron\Downloads\eset_internet_security_live_installer.exe
2021-03-28 13:48 - 2021-03-28 13:51 - 000000000 ____D C:\Users\veron\AppData\Local\AVAST Software
2021-03-28 13:48 - 2021-03-28 13:48 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-03-28 13:48 - 2021-03-28 13:48 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2021-03-28 13:48 - 2021-03-28 13:48 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2021-03-28 13:48 - 2021-03-28 13:48 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2021-03-28 13:48 - 2021-03-28 13:48 - 000002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-28 13:48 - 2021-03-28 13:48 - 000002550 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-03-28 13:48 - 2021-03-28 13:48 - 000002550 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-03-28 13:48 - 2021-03-28 13:48 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-03-28 13:46 - 2021-03-28 13:46 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-03-28 13:46 - 2021-03-28 13:46 - 000002163 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-03-28 13:46 - 2021-03-28 13:46 - 000002163 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-03-28 13:46 - 2021-03-28 13:46 - 000000000 ____D C:\Users\veron\AppData\Roaming\Avast Software
2021-03-28 13:45 - 2021-03-28 13:45 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw14cf7280dcd59fb3.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw77de9cd320a78ff8.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw0d661d23c3f1ce54.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw24b5aad5dabe0d7a.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-28 13:45 - 2021-03-28 13:45 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd0a6871839db42dd.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1a0b6ce5ca30acd4.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw360411ee5b4ebdbb.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7d5041ea4a5f2008.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4b25178c5c16887d.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw85706f739acd1fb5.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw5efec911de13ae30.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw83ebd00a61e38622.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw67f32f6d8e432296.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw122bba2f76ce0d9e.tmp
2021-03-28 13:45 - 2021-03-28 13:45 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw7250edbe81441899.tmp
2021-03-28 13:44 - 2021-03-28 14:16 - 000000000 ____D C:\ProgramData\Avast Software
2021-03-28 13:44 - 2021-03-28 13:44 - 000000000 ____D C:\Program Files\Avast Software
2021-03-28 13:43 - 2021-03-28 13:43 - 000220392 _____ (AVAST Software) C:\Users\veron\Downloads\avast_free_antivirus_setup_online.exe
2021-03-23 20:05 - 2021-03-23 20:06 - 000195093 _____ C:\Users\veron\Downloads\pozvanka.pdf
2021-03-23 18:49 - 2021-03-28 14:28 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-23 18:46 - 2021-03-23 18:46 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-23 18:44 - 2021-03-28 14:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-23 18:44 - 2021-03-23 18:44 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-03-23 18:44 - 2021-03-23 18:44 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-03-23 18:44 - 2021-03-23 18:44 - 000004030 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2021-03-23 18:44 - 2021-03-23 18:44 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-23 18:44 - 2021-03-23 18:44 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-23 18:44 - 2021-03-23 18:44 - 000003244 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2021-03-23 18:44 - 2021-03-23 18:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2494078391-1676477522-3798027442-1001
2021-03-23 18:44 - 2021-03-23 18:44 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2494078391-1676477522-3798027442-500
2021-03-23 18:44 - 2021-03-23 18:44 - 000000020 ___SH C:\Users\veron\ntuser.ini
2021-03-23 18:44 - 2021-03-23 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2021-03-23 18:44 - 2021-03-23 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-2494078391-1676477522-3798027442-1001
2021-03-23 18:44 - 2021-03-23 18:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-23 18:44 - 2020-05-13 09:09 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2414761626-3881631753-1266577645-500
2021-03-23 18:44 - 2019-10-17 06:12 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3354727278-81800435-1074778100-500
2021-03-23 18:40 - 2021-03-28 13:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-23 18:40 - 2021-03-23 18:40 - 000436144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-23 18:39 - 2021-03-28 14:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-23 18:39 - 2021-03-23 18:44 - 000000000 ____D C:\Windows.old
2021-03-23 10:53 - 2021-03-23 18:39 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-23 10:51 - 2021-03-23 18:44 - 000000000 ____D C:\Users\veron
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Šablony
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Soubory cookie
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Poslední
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Okolní tiskárny
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Okolní síť
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Nabídka Start
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Dokumenty
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Documents\Obrázky
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Documents\Hudba
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Documents\Filmy
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\Data aplikací
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-03-23 10:51 - 2021-03-23 10:51 - 000000000 _SHDL C:\Users\veron\AppData\Local\Data aplikací
2021-03-23 10:51 - 2019-12-07 11:10 - 000001105 _____ C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-23 10:49 - 2021-03-23 10:53 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-23 10:46 - 2021-03-23 10:46 - 000000000 ____D C:\ProgramData\ssh
2021-03-23 10:41 - 2021-03-23 10:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-23 10:41 - 2021-03-23 10:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-23 10:41 - 2021-03-23 10:41 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-23 10:41 - 2021-03-23 10:41 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-23 10:41 - 2021-03-23 10:41 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-23 10:41 - 2021-03-23 10:41 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-23 10:41 - 2021-03-23 10:41 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-23 10:41 - 2021-03-23 10:41 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-23 10:41 - 2021-03-23 10:41 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-23 10:41 - 2021-03-23 10:41 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-23 10:41 - 2021-03-23 10:41 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-23 10:41 - 2021-03-23 10:41 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-23 10:40 - 2021-03-23 10:40 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-23 10:40 - 2021-03-23 10:40 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-23 10:40 - 2021-03-23 10:40 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-03-23 10:40 - 2021-03-23 10:40 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-23 10:40 - 2021-03-23 10:40 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-23 10:40 - 2021-03-23 10:40 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-03-23 10:40 - 2021-03-23 10:40 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-23 10:40 - 2021-03-23 10:40 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-23 10:39 - 2021-03-23 10:39 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-23 10:39 - 2021-03-23 10:39 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-23 10:39 - 2021-03-23 10:39 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-23 10:39 - 2021-03-23 10:39 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-03-23 10:39 - 2021-03-23 10:39 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-23 10:39 - 2021-03-23 10:39 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-23 10:39 - 2021-03-23 10:39 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-03-23 10:39 - 2021-03-23 10:39 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-23 10:39 - 2021-03-23 10:39 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-23 10:39 - 2021-03-23 10:39 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-03-23 10:39 - 2021-03-23 10:39 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-23 10:38 - 2021-03-23 10:38 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-03-23 10:38 - 2021-03-23 10:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-23 10:38 - 2021-03-23 10:38 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-23 10:38 - 2021-03-23 10:38 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-23 10:38 - 2021-03-23 10:38 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-03-23 10:38 - 2021-03-23 10:38 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-03-23 10:38 - 2021-03-23 10:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files\MSBuild
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-22 23:39 - 2021-03-22 23:39 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-22 23:33 - 2021-03-22 23:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-21 16:37 - 2021-03-23 18:44 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-21 16:32 - 2021-03-21 16:32 - 000000000 ___HD C:\$WinREAgent
2021-03-21 11:58 - 2021-03-21 11:58 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2021-03-19 20:05 - 2021-03-19 20:05 - 000103952 _____ C:\Users\veron\Desktop\Pozvanka_0804_souhrnny seminar.pdf
2021-03-16 10:32 - 2021-03-16 12:19 - 000000000 ____D C:\Users\veron\Desktop\ŽADATEL
2021-03-14 15:34 - 2021-03-14 15:34 - 000016317 _____ C:\Users\veron\Downloads\000Seznam_+urcenych_+skol_16+rijen_2020_web.xlsx
2021-03-12 17:54 - 2021-03-12 18:48 - 945797578 _____ C:\Users\veron\Downloads\Cista duse (2001) CZ.mkv
2021-03-06 12:11 - 2020-11-26 12:09 - 001792752 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001792752 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001383152 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001383152 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-06 12:11 - 2020-11-26 12:09 - 001094192 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 001094192 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000953040 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000953040 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000745712 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000630000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000099568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000084208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000055536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-03-06 12:11 - 2020-11-26 12:09 - 000052464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 064827632 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 053693680 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 004639472 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 004150000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 001783024 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 001350384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 001350384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000769264 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000505584 _____ C:\WINDOWS\system32\GameManager64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000502000 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000477424 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000465136 _____ C:\WINDOWS\system32\atieah64.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000441584 _____ C:\WINDOWS\system32\EEURestart.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000388848 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000360688 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000348400 _____ C:\WINDOWS\system32\clinfo.exe
2021-03-06 12:11 - 2020-11-26 12:08 - 000254192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000221936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000191232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000175856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000167488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000149744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000144624 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000143600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000134384 _____ C:\WINDOWS\system32\atidxx64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000131312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000129264 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000116464 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000115952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000079088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000028616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-03-06 12:11 - 2020-11-26 12:08 - 000028616 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 071039216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 001709560 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 001386072 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000950000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000777456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000562416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000562080 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000498416 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000475376 _____ C:\WINDOWS\system32\amdlogum.exe
2021-03-06 12:11 - 2020-11-26 12:07 - 000392432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000388848 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000207144 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000176240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000146048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000140320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000140320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000130208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000118048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-03-06 12:11 - 2020-11-26 12:07 - 000118040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-03-06 12:11 - 2020-11-26 10:43 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-03-06 12:11 - 2020-11-26 10:43 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-03-06 12:11 - 2020-11-26 10:43 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2021-03-06 12:11 - 2020-11-26 10:43 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2021-03-06 12:11 - 2020-11-26 10:43 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2021-03-06 12:11 - 2020-11-26 10:43 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-03-06 12:11 - 2020-11-26 10:43 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2021-03-06 12:11 - 2020-11-26 10:42 - 000544264 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-03-06 12:11 - 2020-11-26 10:42 - 000544264 _____ C:\WINDOWS\system32\atiapfxx.blb
2021-03-06 12:11 - 2020-11-26 10:42 - 000069770 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-03-03 09:58 - 2021-02-23 19:24 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-03-03 09:58 - 2021-02-23 19:24 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-03-03 09:58 - 2021-02-23 19:23 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-28 14:28 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-28 14:28 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-28 14:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-28 14:23 - 2021-01-01 23:57 - 000002187 _____ C:\Users\veron\Desktop\CurseForge.lnk
2021-03-28 14:23 - 2021-01-01 23:55 - 000000000 ____D C:\Users\veron\AppData\Local\Overwolf
2021-03-28 14:23 - 2020-11-14 16:58 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-28 14:23 - 2020-07-14 07:53 - 000000000 ___RD C:\Users\veron\OneDrive
2021-03-28 14:22 - 2020-05-13 09:23 - 000000000 ____D C:\ProgramData\McAfee
2021-03-28 14:22 - 2020-05-13 09:23 - 000000000 ____D C:\Program Files\McAfee
2021-03-28 14:22 - 2020-05-13 09:20 - 000000000 ____D C:\ProgramData\Goodix
2021-03-28 14:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-28 14:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-28 14:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-28 14:22 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-28 14:21 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-28 14:21 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-28 14:18 - 2020-07-14 07:51 - 000000000 ____D C:\Users\veron\AppData\Local\D3DSCache
2021-03-28 14:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-28 14:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-28 13:50 - 2020-11-13 19:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-28 13:50 - 2020-11-07 01:02 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-28 13:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-28 13:48 - 2020-09-30 18:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-28 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-27 09:53 - 2020-07-26 08:22 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-27 09:53 - 2020-07-26 08:22 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-27 09:53 - 2020-07-26 08:22 - 000002285 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-23 19:01 - 2020-07-14 07:51 - 000000000 ____D C:\Users\veron\AppData\Local\Packages
2021-03-23 19:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-23 18:46 - 2020-07-14 07:53 - 000000000 ____D C:\Users\veron\AppData\Local\PlaceholderTileLogoFolder
2021-03-23 18:46 - 2019-10-17 06:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-23 18:45 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-23 18:44 - 2020-07-14 07:51 - 000000000 ___RD C:\Users\veron\3D Objects
2021-03-23 18:44 - 2020-07-14 07:32 - 000000000 ____D C:\ProgramData\Packages
2021-03-23 18:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-23 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-23 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-23 18:42 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-03-23 18:40 - 2020-05-13 09:20 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-03-23 18:40 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-23 18:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-23 18:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-23 18:39 - 2021-01-02 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2021-03-23 18:39 - 2021-01-02 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2021-03-23 18:39 - 2021-01-02 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-03-23 18:39 - 2021-01-01 23:57 - 000000000 ____D C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2021-03-23 18:39 - 2021-01-01 23:33 - 000000000 ____D C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-23 18:39 - 2020-11-14 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-03-23 18:39 - 2020-09-16 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-03-23 18:39 - 2020-08-23 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2021-03-23 18:39 - 2020-08-23 17:39 - 000000000 ____D C:\Users\veron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-03-23 18:39 - 2020-07-13 22:46 - 000000000 ____D C:\Program Files\UNP
2021-03-23 18:39 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-23 18:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-23 18:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-23 18:39 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-23 18:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-23 18:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-23 10:54 - 2020-07-14 07:51 - 000000000 ____D C:\WINDOWS\Lenovo
2021-03-23 10:54 - 2020-05-13 09:20 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-03-23 10:46 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-23 10:46 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-23 10:46 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-23 10:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-23 10:45 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-03-23 10:45 - 2019-12-07 16:44 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-22 23:43 - 2019-12-07 16:43 - 000000000 ____D C:\WINDOWS\OCR
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-03-22 23:41 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-03-22 23:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-22 23:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-03-22 23:17 - 2020-05-13 09:14 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-20 13:23 - 2020-11-07 01:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-20 00:19 - 2020-11-07 01:02 - 000000000 ____D C:\Users\veron\AppData\LocalLow\Mozilla
2021-03-16 09:33 - 2019-10-17 06:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-10 11:15 - 2020-07-18 15:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 11:07 - 2020-07-18 15:50 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-09 10:22 - 2021-01-01 23:57 - 000000000 ____D C:\Program Files (x86)\Overwolf

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2021
Ran by veron (28-03-2021 14:32:20)
Running from C:\Users\veron\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-03-23 16:44:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2494078391-1676477522-3798027442-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2494078391-1676477522-3798027442-503 - Limited - Disabled)
Guest (S-1-5-21-2494078391-1676477522-3798027442-501 - Limited - Disabled)
veron (S-1-5-21-2494078391-1676477522-3798027442-1001 - Administrator - Enabled) => C:\Users\veron
WDAGUtilityAccount (S-1-5-21-2494078391-1676477522-3798027442-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 89.0.8688.91 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CurseForge (HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.171.1.4 - Overwolf app)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Lenovo Service Bridge (HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.1.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0072 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13801.20360 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.63 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 cs) (HKLM\...\Mozilla Firefox 87.0 (x64 cs)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 82.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.166.1.16 - Overwolf Ltd.)
Overwolf.Setup.VC100CRTx86.Dist (HKLM-x32\...\{8989DBC1-E87B-448F-9147-57EEEC5A24A5}) (Version: 1.0.0 - Overwolf) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.582 - McAfee, LLC)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10027.0_x64__0a9344xs7nr4m [2021-03-23] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2021-03-23] (Advanced Micro Devices Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.3.30.0_x86__kgqvnymyfvs32 [2021-03-20] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.55.4.0_x86__kgqvnymyfvs32 [2021-03-25] (king.com)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2020-07-28] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_7.20.756.0_x64__17mer8kcn3j54 [2021-03-20] (Mirametrix Inc.) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-28] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-21] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2020-11-03] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-07-19] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-02-11 23:07 - 2020-05-30 16:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2020-12-21 12:22 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-07-14 07:56 - 2020-04-09 09:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> DefaultScope {2FA14408-0D39-4AB4-90B9-199E264C6B02} URL =
SearchScopes: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001 -> {2FA14408-0D39-4AB4-90B9-199E264C6B02} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-03-26] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-02] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\...\sharepoint.com -> hxxps://cckp9-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2494078391-1676477522-3798027442-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\veron\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3A08AA55-6B7F-4392-B665-5AA7DC5F417D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BE690773-09FA-4855-9CF1-AE83866C8823}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{10196B3E-3EB1-46BA-AD18-788F6153D585}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77AFA6CB-BE2C-4F30-8C9E-D5A43631CA24}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3122E988-7FE0-4C23-90C8-0D98BE63CF0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2CE57746-C514-4F5C-AD7C-9E82A49949F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{598A739A-6306-4FB6-90F3-C70A37A7C1E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{363FE68E-03C3-43E0-9F5B-3B13510DBB31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{480A7EE9-EEE3-4026-9EE0-8B5A029B2997}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1CAE23CC-6B95-45F4-BFE4-E8A2C5BB4975}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{853CDB8F-75CC-44D8-B413-399A5E448692}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8AA2D563-E401-49A9-A359-A059E15BEB26}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1AABA110-FA0A-40FC-9D87-A8BAE7684D17}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{9F28AA03-745A-486F-BC21-D27F447D4817}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D4169708-1A4F-4B8E-AEE0-1A3B66A3D079}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{AA37AF0D-6910-4D4A-B83B-EC720FD00A34}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5ECBA0A9-5CE0-4DDD-8377-BF5222693FA4}] => (Allow) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{0D236A75-A7A0-43A5-86C4-AA68E5A138DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{669F0672-18BF-4BC0-890A-0514A8460CCE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4B96B1A-225A-4E89-9D1E-931D395D1DEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50B5E7DA-2BBD-4D67-83C0-6B0B82587D54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8FFD6E71-BD13-4F0F-8104-A1C803DC9E0F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3706A036-0960-4176-977B-A3DF19DA03D4}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [TCP Query User{8A79ACF6-F650-4BF3-9C9D-5713BE069101}C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios -> )
FirewallRules: [{4AD71AEA-9311-408E-A592-C0EADD14B687}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{2EC8A6FA-6AD5-4745-B0E6-6DA004ABF4E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios -> Larian Studios)
FirewallRules: [{195EABD9-C31D-48DE-8B91-A3EADD142E25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DDDA649F-4868-4A06-957D-844DE1694E3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B5972F38-9BED-4317-AE8E-4339C2ED9E94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{87E557BE-5E37-4DA4-A437-209DDE6BDD3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{DC47A353-A5BD-4D71-8E1A-56DCF89830A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3C476EC2-9166-447B-B852-E5E2DEB7FC88}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{3DF81E51-487E-4B90-AF69-21CB4581D692}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DC996CE3-B3E6-450B-BA66-B88CF902873C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1B3EBC7F-0D7A-4F6F-A770-8BEB710CEB1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6124D33E-29C0-440C-87E6-34104BBE6E36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E82FE443-CC40-42D2-B57B-DDBB0CC28A47}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{FCB90729-AB4D-4F22-97E0-3FC1CF2B4C78}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{E3D2A686-53B2-4068-9204-975820A903AA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD2F02AB-8179-41AB-8900-FD7E27EEF5ED}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

28-03-2021 13:48:36 Instalační služba modulů systému Windows
28-03-2021 13:49:05 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/28/2021 02:23:11 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/28/2021 02:19:37 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.

Error: (03/28/2021 02:19:37 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (03/28/2021 02:18:41 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 10:29:58 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 10:29:57 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 07:01:19 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-S2PRM5CN)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2021 04:25:08 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007


System errors:
=============
Error: (03/28/2021 02:23:59 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:22:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:22:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:21:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 02:18:16 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2021 01:57:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/28/2021 01:57:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (03/28/2021 01:47:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-S2PRM5CN)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2021-03-28 14:23:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.166.1.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-28 14:23:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.166.1.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-28 14:19:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO E7CN36WW 11/23/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 4500U with Radeon Graphics
Percentage of memory in use: 63%
Total physical RAM: 7542.8 MB
Available physical RAM: 2782.89 MB
Total Virtual: 12150.8 MB
Available Virtual: 7032.29 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:252.14 GB) NTFS

\\?\Volume{7c5ba8c6-df9e-4dbd-b127-dd435bdee148}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.54 GB) NTFS
\\?\Volume{6db244b7-1efc-4072-8872-9146cff87cc1}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8F87DCD3)

Partition: GPT.

==================== End of Addition.txt =======================

Re: nabourání e-mailu

Napsal: 28 bře 2021 15:07
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: nabourání e-mailu

Napsal: 28 bře 2021 20:08
od wemika
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-03-22.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-28-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted HKLM\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2946 octets] - [28/03/2021 21:03:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: nabourání e-mailu

Napsal: 28 bře 2021 20:47
od Rudy
Dejte nové logy FRST+Addition.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz