Prosím o preventivní kontrolu po uzamčení malware
Napsal: 25 led 2022 21:18
Dobrý den,
chtěl bych požádat o kontrolu logu. Avast mi uzamkl IDP.generic do karantény, po kontrole karantény jsem zjistil, že jsou zde uzamčeny položky, které jsem si nepamatoval.
FRST log níže.
Předem mockrát děkuji za ochotu a pomoc.
P. S. SmartScreen od Windows defender mi nechtěl FRST spustit. Pokračování jsem tak povolil. Následně mi i Avast zobrazil hlášku, zdali chci povolit programu přístup do chráněné složky Desktop (kvůli texťáku s logem)
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atiesrxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\VUL\McVulCtr.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\stepa\AppData\Local\Microsoft\OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1171184 2020-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\stepa\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33620960 2022-01-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 21.245.1128.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\21.245.1128.0002"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03E383AB-197B-47AE-9A84-FB6DAB1B6D15} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {069681D9-C2CF-4B67-8C96-EF6812D96D2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B999641-312E-49AE-B92F-53863DE92739} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {0C8A1620-42A4-4EF5-AFF1-96622CC7BC47} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {10AC3968-4FB6-4C53-A42E-B626CD2317E8} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {12B60DF6-4F44-46A5-9835-4D530C0EFF9F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {1A5E9616-BA46-42BB-8AFD-21D0FC6A680B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D0D43D6-CBF1-478D-8BC3-A12B95B719CD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
Task: {1D5B880A-AB3E-4736-8776-BF0DC046C7C7} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {303C0A16-1C6C-40E5-B308-37210C671695} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1830992e-852b-4966-9187-c63a20b48c76 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {408FEE92-4714-4C2E-B070-FAE2CA9B4551} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {42DBA88A-4FC4-4EA7-ADEB-808577AAE76F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {49EA738E-D545-4F84-A503-0B1347E483CA} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {4B82195F-4664-4653-A1A1-4BB83BED120D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {60446D0E-543F-41E8-B164-D660B99846E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-10-11] (Avast Software s.r.o. -> Avast Software)
Task: {6085614B-2F24-46FE-8495-1E13D9955F07} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4696128 2021-11-18] (McAfee, LLC -> McAfee, LLC)
Task: {61B2F7B0-ED5D-4D4D-96D5-C4948CBB4EDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {754A0A7A-8548-40E2-88FA-176BE9A58F33} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1d6b123e-ffec-46c8-ab92-b4c2c209e748 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {7C6E06F8-2468-4913-836B-9845778E02BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {84A2190F-1701-493E-85B5-8772DE8A2060} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)
Task: {99A873B2-3B96-4131-B8B3-ECDF53765135} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A0B83ED7-CDE3-49CA-8E9E-A3B9D9E7D0E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64248 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {A22654D7-8CCA-454D-B95D-DF6423BE6CA2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A90D2E19-82F5-4642-B012-DF9275A27132} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {B09A8B00-7983-4334-B6A3-586ABF83EC5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE71C509-3D76-49E4-A479-366A861F49C4} - System32\Tasks\McAfee Subscription job => \\?\C:\Program Files\McAfee\NexsJobs\McSubscriptionJob.exe [3438816 2022-01-14] (McAfee, LLC -> )
Task: {D83CB9F9-EB01-4B2E-A567-D759912B1562} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9f7ab900-1811-4350-8ec2-f6a15da67cfc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {D8CE8A8C-15DC-4638-ADDF-90121FE14031} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {DB454F78-C9A9-4536-A235-65FC7D5F9792} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afe48ad9-98e7-4365-b6e1-cc00c7b8a5b0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {DC2A7E03-E963-43EC-8505-436AF6883AC1} - System32\Tasks\CCleanerSkipUAC - stepa => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD43DC0D-8792-4A71-8035-3FA365CAECC7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {DD4B41D5-A1EA-4996-8C4E-2A3207B57746} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE34C9F5-157B-4FD9-B379-61C742C6B082} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7DC3C12-AF15-4EF5-8901-1EF39A03B512} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E81B89DA-28A6-4CE7-B2DC-227827A3D2B3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {EE6E0F86-DAA1-44AD-966A-C14B03643BBE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5bc4d5ec-dc91-46e6-968d-6fe7776d401b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {FE7D933B-94EE-4A66-8530-1A8A17270C08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-14]
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default [2022-01-25]
CHR Extension: (Prezentace) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-11]
CHR Extension: (Dokumenty) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-11]
CHR Extension: (Disk Google) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-11]
CHR Extension: (YouTube) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-11]
CHR Extension: (Tabulky) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-11]
CHR Extension: (I don't care about cookies) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11]
CHR Extension: (Gmail) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [377712 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe [201472 2021-11-21] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-13] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-11-17] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-25] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\\McCSPServiceHost.exe [2671064 2021-11-12] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1257520 2021-05-03] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1678048 2021-10-28] (McAfee, LLC -> McAfee, LLC)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_1c7347b4b6a6d779\amdacpafd.sys [265528 2020-11-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\amdkmdag.sys [83123536 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-09-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 netrtp; C:\WINDOWS\System32\DRIVERS\netrtp.sys [46576 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-10-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-10-13] (WireGuard LLC -> WireGuard LLC)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-25 21:04 - 2022-01-25 21:04 - 000033863 _____ C:\Users\stepa\Desktop\FRST.txt
2022-01-25 21:04 - 2022-01-25 21:04 - 000000000 ____D C:\FRST
2022-01-25 21:00 - 2022-01-25 21:00 - 002311680 _____ (Farbar) C:\Users\stepa\Desktop\FRST64.exe
2022-01-25 20:33 - 2022-01-25 20:33 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Sony
2022-01-25 12:44 - 2022-01-25 13:06 - 000049332 _____ C:\Users\stepa\Downloads\Mezenský - Vstupní dotazník (Entrance form).xlsx
2022-01-24 23:51 - 2022-01-24 23:51 - 000000000 ____D C:\Users\stepa\AppData\Local\4kdownload.com
2022-01-24 23:11 - 2022-01-24 23:12 - 004517198 _____ C:\Users\stepa\Downloads\quiz.pptx.pdf
2022-01-24 13:20 - 2022-01-24 13:20 - 000319600 _____ C:\Users\stepa\Downloads\RISKUJ.pptx
2022-01-23 16:42 - 2022-01-25 18:27 - 000000000 ____D C:\Users\stepa\Desktop\pubquiz - výročí
2022-01-14 16:08 - 2022-01-14 16:03 - 000046576 _____ C:\WINDOWS\system32\Drivers\netrtp.sys
2022-01-14 16:04 - 2022-01-14 16:04 - 000000000 ___HD C:\$AV_ASW
2022-01-14 16:03 - 2022-01-14 16:04 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Lenovo
2022-01-14 16:03 - 2022-01-14 16:03 - 150958240 _____ (Lenovo) C:\Users\stepa\Downloads\lenovopcmanager_apps.exe
2022-01-13 20:25 - 2022-01-13 20:32 - 1059133781 _____ C:\Users\stepa\Downloads\DOD 2022.mp4
2022-01-13 18:45 - 2022-01-14 16:11 - 000000000 ____D C:\ProgramData\McInstTemp0094491642095916
2022-01-12 19:55 - 2022-01-12 19:55 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-11 23:09 - 2022-01-11 23:09 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-11 23:03 - 2022-01-11 23:03 - 000000000 ___HD C:\$WinREAgent
2022-01-11 17:34 - 2022-01-11 17:34 - 002384287 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP (1).pptx
2022-01-11 17:32 - 2022-01-11 17:32 - 002384296 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 003585970 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 000252091 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pdf
2022-01-11 17:29 - 2022-01-11 17:29 - 000051724 _____ C:\Users\stepa\Downloads\DOD_2022_JG.pptx
2022-01-10 14:00 - 2022-01-11 17:43 - 000000000 ____D C:\Users\stepa\Desktop\HRY
2022-01-10 13:06 - 2022-01-10 13:06 - 000000000 ____D C:\Users\stepa\Desktop\SPSS komplet
2022-01-10 13:03 - 2022-01-10 13:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-01-07 23:22 - 2022-01-07 23:22 - 000507148 _____ C:\Users\stepa\Desktop\2218097511.pdf
2022-01-07 23:18 - 2022-01-07 23:19 - 000000000 ____D C:\Users\stepa\Desktop\photoshop
2022-01-07 21:05 - 2022-01-07 21:05 - 010786722 _____ C:\Users\stepa\Downloads\ReplicationClassPaper_12.30.pdf
2022-01-07 20:45 - 2022-01-07 20:45 - 000098078 _____ C:\Users\stepa\Downloads\StepanMezensky.pdf
2022-01-06 16:03 - 2022-01-06 16:03 - 000094904 _____ C:\Users\stepa\Desktop\radiofee.pdf
2022-01-06 15:48 - 2022-01-06 15:48 - 000000000 ____D C:\Users\stepa\AppData\Local\LenovoServiceBridge
2022-01-05 20:17 - 2022-01-23 20:24 - 000000000 ____D C:\Users\stepa\Desktop\DOD
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ C:\Users\stepa\AppData\Local\recently-used.xbel
2022-01-04 16:36 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\Desktop\GIMP
2022-01-04 16:35 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\AppData\Local\gtk-2.0
2022-01-04 16:29 - 2022-01-04 16:29 - 017224314 _____ C:\Users\stepa\Downloads\covery_template.psd
2022-01-04 16:27 - 2022-01-04 16:41 - 000000000 ____D C:\Users\stepa\AppData\Local\babl-0.1
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\gegl-0.4
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\.cache
2022-01-04 16:25 - 2022-01-04 16:25 - 000000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.30.lnk
2022-01-04 16:23 - 2022-01-04 16:24 - 000000000 ____D C:\Program Files\GIMP 2
2022-01-04 16:22 - 2022-01-04 16:22 - 257259032 _____ (The GIMP Team ) C:\Users\stepa\Downloads\gimp-2.10.30-setup.exe
2022-01-03 15:14 - 2022-01-03 15:14 - 000069998 _____ C:\Users\stepa\Downloads\abschluss991ec8da-6f91-4904-89ba-ca3d893de719.pdf
2021-12-29 09:06 - 2021-12-29 09:06 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-29 09:06 - 2021-12-29 09:06 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-29 09:06 - 2021-12-29 09:06 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-27 16:39 - 2021-12-27 16:39 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901 (1).pdf
2021-12-27 16:37 - 2021-12-27 16:37 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901.pdf
2021-12-27 16:36 - 2021-12-27 16:36 - 000344574 _____ C:\Users\stepa\Downloads\Informacni memorandum.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-25 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-25 20:58 - 2021-10-11 00:36 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-25 20:30 - 2021-12-12 15:41 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-25 20:30 - 2021-11-29 18:39 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F95A899A-FAB6-4AA6-8240-140235E151DC}
2022-01-25 20:30 - 2021-10-12 17:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\vlc
2022-01-25 20:30 - 2021-10-12 16:59 - 000002508 _____ C:\WINDOWS\system32\Tasks\McAfee Subscription job
2022-01-25 20:30 - 2021-10-11 01:08 - 000002662 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2022-01-25 20:30 - 2021-10-11 00:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-25 20:30 - 2021-10-11 00:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-25 20:30 - 2021-10-11 00:32 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - stepa
2022-01-25 20:30 - 2021-10-11 00:26 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-25 20:30 - 2021-10-11 00:14 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-25 20:30 - 2021-10-11 00:14 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-25 20:30 - 2021-10-11 00:13 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-25 20:30 - 2021-10-10 22:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 20:30 - 2021-10-10 22:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-25 20:24 - 2021-10-10 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-25 20:02 - 2021-10-12 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-01-25 18:32 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 16:30 - 2021-10-11 00:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-25 15:34 - 2021-10-11 00:11 - 000000000 ____D C:\Users\stepa\AppData\Local\D3DSCache
2022-01-25 08:26 - 2021-10-11 00:32 - 000000000 ____D C:\Program Files\CCleaner
2022-01-25 00:18 - 2021-11-06 16:07 - 000000000 ____D C:\Users\stepa\AppData\Roaming\audacity
2022-01-24 13:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-24 11:50 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Goodix
2022-01-24 11:50 - 2021-10-05 13:03 - 000000000 ____D C:\Users\stepa\Desktop\filmy
2022-01-23 21:14 - 2021-08-29 12:22 - 000000000 ___RD C:\Users\stepa\OneDrive
2022-01-23 17:07 - 2021-10-11 00:33 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-23 11:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 21:02 - 2021-10-11 00:15 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-11 00:15 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-10 22:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-22 21:02 - 2020-11-19 08:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-20 16:16 - 2021-10-10 23:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-20 16:16 - 2019-12-07 15:41 - 000717834 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-20 16:16 - 2019-12-07 15:41 - 000144996 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-20 01:18 - 2021-10-10 23:08 - 000002392 _____ C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-19 19:05 - 2021-10-19 14:23 - 000000000 ____D C:\Users\stepa\Desktop\MiroPodcast
2022-01-19 12:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-17 16:26 - 2021-04-14 23:50 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-15 14:20 - 2021-10-11 01:05 - 000000000 ____D C:\Users\stepa\AppData\Local\CrashDumps
2022-01-14 17:04 - 2021-10-11 00:25 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-14 17:04 - 2021-10-11 00:25 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-14 16:14 - 2021-10-14 08:23 - 000000000 __RSD C:\Users\stepa\Documents\Trezory společnosti McAfee
2022-01-14 16:11 - 2021-10-13 08:34 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-14 16:11 - 2021-10-11 00:30 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-14 16:11 - 2021-10-11 00:13 - 000000000 ____D C:\Users\stepa\AppData\Local\Lenovo
2022-01-14 16:11 - 2021-10-10 23:08 - 000000000 ____D C:\Users\stepa
2022-01-14 16:11 - 2021-10-10 22:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-14 16:11 - 2021-04-14 23:58 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-01-14 16:11 - 2020-11-27 01:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-14 16:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-14 16:11 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-14 16:08 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-14 16:08 - 2021-04-14 23:57 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-01-13 01:07 - 2021-08-29 12:20 - 000064248 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-13 01:06 - 2021-08-29 12:20 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-13 01:06 - 2021-08-29 12:20 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-13 01:06 - 2021-04-14 23:49 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-12 21:26 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-12 19:55 - 2021-10-11 00:24 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Zoom
2022-01-12 19:55 - 2021-08-31 14:07 - 000001942 _____ C:\Users\stepa\Desktop\Zoom.lnk
2022-01-12 00:57 - 2021-10-10 22:54 - 000437064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-11 23:03 - 2021-10-12 23:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-11 23:02 - 2021-10-12 23:30 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 17:43 - 2021-11-30 00:22 - 000000000 ____D C:\Users\stepa\Desktop\IBM SPSS Statistics 26.0 IF006 + Crack [www.TheWindowsForum.com].rar
2022-01-07 23:29 - 2021-10-10 22:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-07 23:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-01-07 21:05 - 2021-09-05 20:55 - 000000000 ____D C:\Users\stepa\Desktop\reproduction
2021-12-29 09:06 - 2021-10-11 00:33 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-29 09:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== Files in the root of some directories ========
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ () C:\Users\stepa\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition__________________________
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2022
Ran by stepa (25-01-2022 21:05:21)
Running from C:\Users\stepa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2021-10-10 22:16:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1915851472-2192339704-3292565872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1915851472-2192339704-3292565872-503 - Limited - Disabled)
Guest (S-1-5-21-1915851472-2192339704-3292565872-501 - Limited - Disabled)
stepa (S-1-5-21-1915851472-2192339704-3292565872-1001 - Administrator - Enabled) => C:\Users\stepa
WDAGUtilityAccount (S-1-5-21-1915851472-2192339704-3292565872-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Audacity 3.1.2 (HKLM\...\Audacity_is1) (Version: 3.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
IBM SPSS Statistics 26 (HKLM-x32\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R41 - McAfee, LLC)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
OpenVPN 2.5.0-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}) (Version: 2.5.019 - OpenVPN, Inc.)
R for Windows 4.1.1 (HKLM\...\R for Windows 4.1.1_is1) (Version: 4.1.1 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 2021.09.0+351 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.663 - McAfee, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m [2021-11-25] (Advanced Micro Devices Inc.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\microsoft.av1videoextension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20602.609.0_x64__rz1tebttyb220 [2021-10-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_8.20.2269.0_x64__17mer8kcn3j54 [2021-12-22] (Mirametrix Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-25] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-24] (LENOVO INC.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt [2021-12-16] (Facebook Inc) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.4.4.0_x64__bzg06mxvgh4fa [2022-01-14] (V3TApps)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-10-11] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2021-10-11] (Fortemedia)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-23] (Spotify AB) [Startup Task]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2149.4.0_x64__cv1g1gvanyjgm [2022-01-23] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\stepa\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\stepa\Desktop\CATI NMS - Volani z domova\3. Prohlizec CATI NMS.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cati.nms-mr.com
==================== Loaded Modules (Whitelisted) =============
2021-10-11 00:53 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2021-08-29 17:08 - 2021-08-29 17:11 - 000258048 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stepa\OneDrive\Pictures\background\rainbow_texture679.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{90BE4D9A-4E6F-4330-BE0C-93E3909186B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{142092D6-A540-4409-9F1A-2789A7966AD2}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{99717A7B-5B50-4519-BC22-A7802A869230}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DAC5FF3-5D23-4BDD-8ABD-DE43F17EE517}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8522670A-572B-45B2-AD6E-E5880CD6490E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6AC4204-A446-4AF9-BC9A-8720DEA41F35}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D429E0D-5D8F-4527-92D3-A5AE1EE482BF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C4363F-E59C-4DCC-BB68-58558EFF786B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A5191A0-2AF2-4AF1-982A-2A0DAB3DC749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65643EFB-AB0A-4460-807A-AA4C96AA3545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{37EAB394-6071-4794-87A6-4EEB10700F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{A99F274E-0462-41B5-98D0-FD763D25F5D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8659AC6B-F352-4E3A-B9C1-FC7B4A820447}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F707F5AE-5FCA-4DF4-A5EB-B2C435966C4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D96B337-9D2B-4D87-A20F-296E6718A554}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2473B47C-8CE8-4060-8467-C4F26D7E7340}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34A1B26B-916D-40F6-B0E2-3B34119F00A6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53E38E1-E230-4F0E-97D5-281741C5605A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{592B3B90-4FAB-48A0-B9B0-CB4AA0EF57AD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9BD50D10-8F03-48F2-A3FE-DAD613BAD1C2}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE9D95CE-574E-4916-AF88-A4E837EC9B7C}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{736FF52B-9B7D-41D1-880C-B3A6BCEB870B}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF7113C6-8069-42AB-BC1E-9AB2D2CCEEA5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{3C4EF203-176A-4B20-9F0E-A067B4E1437E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7ABC7093-FB2C-4F24-8CA0-232C2D11B41C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4345FE25-71DA-49F3-A8F5-C58426CDBF75}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{403CB423-6789-4828-BB7B-DD65B9CA3CCA}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{6DFD9827-E1EC-4041-9E07-4B575C888527}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F75880F5-76CD-4C1C-92FD-D210A6AD9635}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A8F3D334-BD5F-4E5A-BECC-6A382A9BBE0D}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{AB3EAEC8-48C8-47CF-8E5D-0C93B51782B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{697E4AEC-3CF2-4A81-B15D-71F115F35A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{2B7C6AC8-5966-4985-93E4-2D045A8C5658}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6453AFEB-B7CE-4AF1-8286-CA4AB535BE9D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{77D54001-8B4D-4401-90DC-6F4A47B28534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{D5D6CC11-3102-4E4F-A4CD-BAAB352F88F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{B153C39B-4E59-4865-A661-21F1B3540C1C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D6C8535B-1F8A-407D-A759-7F3429C7A3FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A069091-6BCD-4B90-83A2-66450D1C6D07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B608769-3630-486F-96C9-E795EB5FD23E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02CE6CD0-C9C4-4C38-AC63-5490783C71A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{433EAD33-C14F-46A6-A192-BB3E8B27E09E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E142D2D-1AAE-4C20-8E8D-463A6E7549B3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{71BE5422-B093-4D91-9E62-4EFCDF4FCA6B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61D7766B-3011-4D69-88EE-85C2FC300C1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{6FBA622D-98D4-4864-97B1-68BB7F453502}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{E0E2ED93-C868-4DAD-86B1-AA3EFEC11E04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B8393AB-AE75-4004-891E-1A74D1FF6068}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CE7196B-CEDE-453C-8617-7EEA0EB34E7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B81FAD9E-41C4-4927-8BB4-1598E136C832}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{751534B8-14A9-4A63-877A-757D12FE5235}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA7890F8-7FD8-458E-B7EE-F155C3D6740B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44AD6A89-7DD0-48E4-9982-9298DE34FA75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DB9C9A7-0F50-4A20-9FC2-C7A24C748F21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85BB7811-2008-406A-B0F3-7148DEB8647E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{722915E1-EC29-4109-8BEE-1087C7B0E120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8A2D58-19F2-445A-999F-80986F7D7E6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1A2BAD2-651D-4524-A3DE-E7FA739F60EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AF69B7B-47AE-4404-BCAE-46DB8CBA9600}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.69 GB) (Free:253.24 GB) (53%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2022 02:20:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EpicWebHelper.exe, verze: 4.23.0.0, časové razítko: 0x61dc8e98
Název chybujícího modulu: libcef.dll, verze: 84.1.6.0, časové razítko: 0x5ed84288
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002be0e39
ID chybujícího procesu: 0x1b0c
Čas spuštění chybující aplikace: 0x01d80a12b32e2a4c
Cesta k chybující aplikaci: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
ID zprávy: ff010605-d2b4-476d-b1b4-5f528721f9a4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/14/2022 04:12:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 14 Jan 2022 15:12:00 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a2d67399-17db-4345-97d8-54dd8b84eac0
Metoda: GET(204ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/12/2022 09:25:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 12 Jan 2022 20:25:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1daf471e-8853-4cb8-abb3-7fe2cece9bfd
Metoda: GET(266ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:28 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Jan 2022 23:57:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 01b238df-4fc5-490a-ae4d-2480965e637f
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (01/25/2022 02:30:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/24/2022 11:50:14 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {479d73be-c7bf-440e-a523-e3e8c3caa1f8}, došlo k události 74.
Error: (01/23/2022 09:13:28 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error: (01/20/2022 05:19:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/20/2022 04:16:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (01/19/2022 06:04:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/19/2022 04:51:43 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.
Error: (01/19/2022 03:06:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2022-01-25 02:30:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2CF7D384-1DDC-46DE-B073-BB94151A0028}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-24 13:20:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {41671466-5836-48A6-B00A-3A5708F0C7DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-20 17:03:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {19B878C8-E97D-45A7-8D0B-ACD56EDC18C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-19 12:54:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3E3EE13-0F1A-4ADC-BF89-DA95B14F2852}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-18 01:49:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D5E24CAA-C5F7-4441-9B1F-A7E3694CA747}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-01-25 19:34:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswidsagent.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-25 12:27:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-25 12:27:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-25 12:27:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO G5CN16WW(V1.04) 02/03/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 5700U with Radeon Graphics
Percentage of memory in use: 64%
Total physical RAM: 15722.31 MB
Available physical RAM: 5587.3 MB
Total Virtual: 24938.31 MB
Available Virtual: 9859.8 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:253.24 GB) (Protected) NTFS
\\?\Volume{9e6b0568-7b8a-49ac-9a30-4b40ae471739}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{ca95f999-bea6-46fc-8c11-b2f477cb7ad0}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D29A838C)
Partition: GPT.
==================== End of Addition.txt =======================
chtěl bych požádat o kontrolu logu. Avast mi uzamkl IDP.generic do karantény, po kontrole karantény jsem zjistil, že jsou zde uzamčeny položky, které jsem si nepamatoval.
FRST log níže.
Předem mockrát děkuji za ochotu a pomoc.
P. S. SmartScreen od Windows defender mi nechtěl FRST spustit. Pokračování jsem tak povolil. Následně mi i Avast zobrazil hlášku, zdali chci povolit programu přístup do chráněné složky Desktop (kvůli texťáku s logem)
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atieclxx.exe
(Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atiesrxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\VUL\McVulCtr.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\stepa\AppData\Local\Microsoft\OneDrive\22.002.0103.0004\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1171184 2020-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\stepa\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33620960 2022-01-12] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\RunOnce: [Uninstall 21.245.1128.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\stepa\AppData\Local\Microsoft\OneDrive\21.245.1128.0002"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03E383AB-197B-47AE-9A84-FB6DAB1B6D15} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [443248 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {069681D9-C2CF-4B67-8C96-EF6812D96D2D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B999641-312E-49AE-B92F-53863DE92739} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {0C8A1620-42A4-4EF5-AFF1-96622CC7BC47} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {10AC3968-4FB6-4C53-A42E-B626CD2317E8} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {12B60DF6-4F44-46A5-9835-4D530C0EFF9F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {1A5E9616-BA46-42BB-8AFD-21D0FC6A680B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1D0D43D6-CBF1-478D-8BC3-A12B95B719CD} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4969240 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
Task: {1D5B880A-AB3E-4736-8776-BF0DC046C7C7} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [201584 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
Task: {303C0A16-1C6C-40E5-B308-37210C671695} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1830992e-852b-4966-9187-c63a20b48c76 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {33BF268F-940E-432E-912A-CD86C00B6E6B} - \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance -> No File <==== ATTENTION
Task: {408FEE92-4714-4C2E-B070-FAE2CA9B4551} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {42DBA88A-4FC4-4EA7-ADEB-808577AAE76F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {49EA738E-D545-4F84-A503-0B1347E483CA} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {4B82195F-4664-4653-A1A1-4BB83BED120D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {60446D0E-543F-41E8-B164-D660B99846E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-10-11] (Avast Software s.r.o. -> Avast Software)
Task: {6085614B-2F24-46FE-8495-1E13D9955F07} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4696128 2021-11-18] (McAfee, LLC -> McAfee, LLC)
Task: {61B2F7B0-ED5D-4D4D-96D5-C4948CBB4EDC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {754A0A7A-8548-40E2-88FA-176BE9A58F33} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1d6b123e-ffec-46c8-ab92-b4c2c209e748 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {7C6E06F8-2468-4913-836B-9845778E02BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81B793EC-DDEA-4979-8BFB-C0391E5E70F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {8288514E-3FA6-4EA4-964A-CBE88E936203} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {84A2190F-1701-493E-85B5-8772DE8A2060} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)
Task: {99A873B2-3B96-4131-B8B3-ECDF53765135} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A0B83ED7-CDE3-49CA-8E9E-A3B9D9E7D0E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64248 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {A22654D7-8CCA-454D-B95D-DF6423BE6CA2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A90D2E19-82F5-4642-B012-DF9275A27132} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {B09A8B00-7983-4334-B6A3-586ABF83EC5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE71C509-3D76-49E4-A479-366A861F49C4} - System32\Tasks\McAfee Subscription job => \\?\C:\Program Files\McAfee\NexsJobs\McSubscriptionJob.exe [3438816 2022-01-14] (McAfee, LLC -> )
Task: {D83CB9F9-EB01-4B2E-A567-D759912B1562} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9f7ab900-1811-4350-8ec2-f6a15da67cfc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {D8CE8A8C-15DC-4638-ADDF-90121FE14031} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {DB454F78-C9A9-4536-A235-65FC7D5F9792} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afe48ad9-98e7-4365-b6e1-cc00c7b8a5b0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {DC2A7E03-E963-43EC-8505-436AF6883AC1} - System32\Tasks\CCleanerSkipUAC - stepa => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD43DC0D-8792-4A71-8035-3FA365CAECC7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {DD4B41D5-A1EA-4996-8C4E-2A3207B57746} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE34C9F5-157B-4FD9-B379-61C742C6B082} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7DC3C12-AF15-4EF5-8901-1EF39A03B512} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4191328 2021-12-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E81B89DA-28A6-4CE7-B2DC-227827A3D2B3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {EE6E0F86-DAA1-44AD-966A-C14B03643BBE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5bc4d5ec-dc91-46e6-968d-6fe7776d401b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
Task: {FE7D933B-94EE-4A66-8530-1A8A17270C08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-14]
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-11-20] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default [2022-01-25]
CHR Extension: (Prezentace) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-11]
CHR Extension: (Dokumenty) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-11]
CHR Extension: (Disk Google) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-11]
CHR Extension: (YouTube) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-11]
CHR Extension: (Tabulky) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-11]
CHR Extension: (I don't care about cookies) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-01-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-05]
CHR Extension: (Grammarly for Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-01-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11]
CHR Extension: (Gmail) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8480848 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [452888 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [377712 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84264 2022-01-13] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2f1b6109fa237c16\LenovoUtilityService.exe [201472 2021-11-21] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971504 2022-01-13] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-11-17] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-25] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.8.102.0\\McCSPServiceHost.exe [2671064 2021-11-12] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1257520 2021-05-03] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1678048 2021-10-28] (McAfee, LLC -> McAfee, LLC)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [116592 2021-07-21] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_1c7347b4b6a6d779\amdacpafd.sys [265528 2020-11-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\amdkmdag.sys [83123536 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-29] (Avast Software s.r.o. -> AVAST Software)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-09-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 netrtp; C:\WINDOWS\System32\DRIVERS\netrtp.sys [46576 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-10-13] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-10-13] (WireGuard LLC -> WireGuard LLC)
U1 aswbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-25 21:04 - 2022-01-25 21:04 - 000033863 _____ C:\Users\stepa\Desktop\FRST.txt
2022-01-25 21:04 - 2022-01-25 21:04 - 000000000 ____D C:\FRST
2022-01-25 21:00 - 2022-01-25 21:00 - 002311680 _____ (Farbar) C:\Users\stepa\Desktop\FRST64.exe
2022-01-25 20:33 - 2022-01-25 20:33 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Sony
2022-01-25 12:44 - 2022-01-25 13:06 - 000049332 _____ C:\Users\stepa\Downloads\Mezenský - Vstupní dotazník (Entrance form).xlsx
2022-01-24 23:51 - 2022-01-24 23:51 - 000000000 ____D C:\Users\stepa\AppData\Local\4kdownload.com
2022-01-24 23:11 - 2022-01-24 23:12 - 004517198 _____ C:\Users\stepa\Downloads\quiz.pptx.pdf
2022-01-24 13:20 - 2022-01-24 13:20 - 000319600 _____ C:\Users\stepa\Downloads\RISKUJ.pptx
2022-01-23 16:42 - 2022-01-25 18:27 - 000000000 ____D C:\Users\stepa\Desktop\pubquiz - výročí
2022-01-14 16:08 - 2022-01-14 16:03 - 000046576 _____ C:\WINDOWS\system32\Drivers\netrtp.sys
2022-01-14 16:04 - 2022-01-14 16:04 - 000000000 ___HD C:\$AV_ASW
2022-01-14 16:03 - 2022-01-14 16:04 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Lenovo
2022-01-14 16:03 - 2022-01-14 16:03 - 150958240 _____ (Lenovo) C:\Users\stepa\Downloads\lenovopcmanager_apps.exe
2022-01-13 20:25 - 2022-01-13 20:32 - 1059133781 _____ C:\Users\stepa\Downloads\DOD 2022.mp4
2022-01-13 18:45 - 2022-01-14 16:11 - 000000000 ____D C:\ProgramData\McInstTemp0094491642095916
2022-01-12 19:55 - 2022-01-12 19:55 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-01-11 23:09 - 2022-01-11 23:09 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-11 23:09 - 2022-01-11 23:09 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-11 23:03 - 2022-01-11 23:03 - 000000000 ___HD C:\$WinREAgent
2022-01-11 17:34 - 2022-01-11 17:34 - 002384287 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP (1).pptx
2022-01-11 17:32 - 2022-01-11 17:32 - 002384296 _____ C:\Users\stepa\Downloads\Den otevřených dveří- představení SOSP.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 003585970 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pptx
2022-01-11 17:30 - 2022-01-11 17:30 - 000252091 _____ C:\Users\stepa\Downloads\CJP_DOD_ISS_2022.pdf
2022-01-11 17:29 - 2022-01-11 17:29 - 000051724 _____ C:\Users\stepa\Downloads\DOD_2022_JG.pptx
2022-01-10 14:00 - 2022-01-11 17:43 - 000000000 ____D C:\Users\stepa\Desktop\HRY
2022-01-10 13:06 - 2022-01-10 13:06 - 000000000 ____D C:\Users\stepa\Desktop\SPSS komplet
2022-01-10 13:03 - 2022-01-10 13:03 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-01-07 23:22 - 2022-01-07 23:22 - 000507148 _____ C:\Users\stepa\Desktop\2218097511.pdf
2022-01-07 23:18 - 2022-01-07 23:19 - 000000000 ____D C:\Users\stepa\Desktop\photoshop
2022-01-07 21:05 - 2022-01-07 21:05 - 010786722 _____ C:\Users\stepa\Downloads\ReplicationClassPaper_12.30.pdf
2022-01-07 20:45 - 2022-01-07 20:45 - 000098078 _____ C:\Users\stepa\Downloads\StepanMezensky.pdf
2022-01-06 16:03 - 2022-01-06 16:03 - 000094904 _____ C:\Users\stepa\Desktop\radiofee.pdf
2022-01-06 15:48 - 2022-01-06 15:48 - 000000000 ____D C:\Users\stepa\AppData\Local\LenovoServiceBridge
2022-01-05 20:17 - 2022-01-23 20:24 - 000000000 ____D C:\Users\stepa\Desktop\DOD
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ C:\Users\stepa\AppData\Local\recently-used.xbel
2022-01-04 16:36 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\Desktop\GIMP
2022-01-04 16:35 - 2022-01-04 16:36 - 000000000 ____D C:\Users\stepa\AppData\Local\gtk-2.0
2022-01-04 16:29 - 2022-01-04 16:29 - 017224314 _____ C:\Users\stepa\Downloads\covery_template.psd
2022-01-04 16:27 - 2022-01-04 16:41 - 000000000 ____D C:\Users\stepa\AppData\Local\babl-0.1
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\GIMP
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\AppData\Local\gegl-0.4
2022-01-04 16:27 - 2022-01-04 16:27 - 000000000 ____D C:\Users\stepa\.cache
2022-01-04 16:25 - 2022-01-04 16:25 - 000000957 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.30.lnk
2022-01-04 16:23 - 2022-01-04 16:24 - 000000000 ____D C:\Program Files\GIMP 2
2022-01-04 16:22 - 2022-01-04 16:22 - 257259032 _____ (The GIMP Team ) C:\Users\stepa\Downloads\gimp-2.10.30-setup.exe
2022-01-03 15:14 - 2022-01-03 15:14 - 000069998 _____ C:\Users\stepa\Downloads\abschluss991ec8da-6f91-4904-89ba-ca3d893de719.pdf
2021-12-29 09:06 - 2021-12-29 09:06 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-29 09:06 - 2021-12-29 09:06 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-29 09:06 - 2021-12-29 09:06 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-27 16:39 - 2021-12-27 16:39 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901 (1).pdf
2021-12-27 16:37 - 2021-12-27 16:37 - 000045812 _____ C:\Users\stepa\Downloads\Výpis za rok 2020 účet 6915468901.pdf
2021-12-27 16:36 - 2021-12-27 16:36 - 000344574 _____ C:\Users\stepa\Downloads\Informacni memorandum.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-01-25 21:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-25 20:58 - 2021-10-11 00:36 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-25 20:30 - 2021-12-12 15:41 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-25 20:30 - 2021-11-29 18:39 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F95A899A-FAB6-4AA6-8240-140235E151DC}
2022-01-25 20:30 - 2021-10-12 17:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\vlc
2022-01-25 20:30 - 2021-10-12 16:59 - 000002508 _____ C:\WINDOWS\system32\Tasks\McAfee Subscription job
2022-01-25 20:30 - 2021-10-11 01:08 - 000002662 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2022-01-25 20:30 - 2021-10-11 00:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-01-25 20:30 - 2021-10-11 00:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-25 20:30 - 2021-10-11 00:32 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - stepa
2022-01-25 20:30 - 2021-10-11 00:26 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-25 20:30 - 2021-10-11 00:14 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-25 20:30 - 2021-10-11 00:14 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-25 20:30 - 2021-10-11 00:13 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-01-25 20:30 - 2021-10-10 22:55 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 20:30 - 2021-10-10 22:55 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-25 20:24 - 2021-10-10 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-25 20:02 - 2021-10-12 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-01-25 18:32 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-25 16:30 - 2021-10-11 00:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-25 15:34 - 2021-10-11 00:11 - 000000000 ____D C:\Users\stepa\AppData\Local\D3DSCache
2022-01-25 08:26 - 2021-10-11 00:32 - 000000000 ____D C:\Program Files\CCleaner
2022-01-25 00:18 - 2021-11-06 16:07 - 000000000 ____D C:\Users\stepa\AppData\Roaming\audacity
2022-01-24 13:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-24 11:50 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Goodix
2022-01-24 11:50 - 2021-10-05 13:03 - 000000000 ____D C:\Users\stepa\Desktop\filmy
2022-01-23 21:14 - 2021-08-29 12:22 - 000000000 ___RD C:\Users\stepa\OneDrive
2022-01-23 17:07 - 2021-10-11 00:33 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-01-23 11:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 21:02 - 2021-10-11 00:15 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-11 00:15 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-22 21:02 - 2021-10-10 22:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-22 21:02 - 2020-11-19 08:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-20 16:16 - 2021-10-10 23:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-20 16:16 - 2019-12-07 15:41 - 000717834 _____ C:\WINDOWS\system32\perfh005.dat
2022-01-20 16:16 - 2019-12-07 15:41 - 000144996 _____ C:\WINDOWS\system32\perfc005.dat
2022-01-20 01:18 - 2021-10-10 23:08 - 000002392 _____ C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-19 19:05 - 2021-10-19 14:23 - 000000000 ____D C:\Users\stepa\Desktop\MiroPodcast
2022-01-19 12:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-17 16:26 - 2021-04-14 23:50 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-15 14:20 - 2021-10-11 01:05 - 000000000 ____D C:\Users\stepa\AppData\Local\CrashDumps
2022-01-14 17:04 - 2021-10-11 00:25 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-14 17:04 - 2021-10-11 00:25 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-14 16:14 - 2021-10-14 08:23 - 000000000 __RSD C:\Users\stepa\Documents\Trezory společnosti McAfee
2022-01-14 16:11 - 2021-10-13 08:34 - 000000000 ____D C:\Program Files\TeamViewer
2022-01-14 16:11 - 2021-10-11 00:30 - 000000000 ____D C:\ProgramData\Avast Software
2022-01-14 16:11 - 2021-10-11 00:13 - 000000000 ____D C:\Users\stepa\AppData\Local\Lenovo
2022-01-14 16:11 - 2021-10-10 23:08 - 000000000 ____D C:\Users\stepa
2022-01-14 16:11 - 2021-10-10 22:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-14 16:11 - 2021-04-14 23:58 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-01-14 16:11 - 2020-11-27 01:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-14 16:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-01-14 16:11 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-14 16:08 - 2021-10-10 22:55 - 000000000 ____D C:\ProgramData\Lenovo
2022-01-14 16:08 - 2021-04-14 23:57 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-01-13 01:07 - 2021-08-29 12:20 - 000064248 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-13 01:06 - 2021-08-29 12:20 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-13 01:06 - 2021-08-29 12:20 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-13 01:06 - 2021-04-14 23:49 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-12 21:26 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-12 19:55 - 2021-10-11 00:24 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Zoom
2022-01-12 19:55 - 2021-08-31 14:07 - 000001942 _____ C:\Users\stepa\Desktop\Zoom.lnk
2022-01-12 00:57 - 2021-10-10 22:54 - 000437064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 00:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-11 23:03 - 2021-10-12 23:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-11 23:02 - 2021-10-12 23:30 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 17:43 - 2021-11-30 00:22 - 000000000 ____D C:\Users\stepa\Desktop\IBM SPSS Statistics 26.0 IF006 + Crack [www.TheWindowsForum.com].rar
2022-01-07 23:29 - 2021-10-10 22:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-07 23:29 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-01-07 21:05 - 2021-09-05 20:55 - 000000000 ____D C:\Users\stepa\Desktop\reproduction
2021-12-29 09:06 - 2021-10-11 00:33 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-29 09:06 - 2021-10-11 00:33 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-29 09:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== Files in the root of some directories ========
2022-01-04 16:36 - 2022-01-04 16:36 - 000002172 _____ () C:\Users\stepa\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition__________________________
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2022
Ran by stepa (25-01-2022 21:05:21)
Running from C:\Users\stepa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1466 (X64) (2021-10-10 22:16:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1915851472-2192339704-3292565872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1915851472-2192339704-3292565872-503 - Limited - Disabled)
Guest (S-1-5-21-1915851472-2192339704-3292565872-501 - Limited - Disabled)
stepa (S-1-5-21-1915851472-2192339704-3292565872-1001 - Administrator - Enabled) => C:\Users\stepa
WDAGUtilityAccount (S-1-5-21-1915851472-2192339704-3292565872-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Audacity 3.1.2 (HKLM\...\Audacity_is1) (Version: 3.1.2 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.11.2500 - Avast Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
IBM SPSS Statistics 26 (HKLM-x32\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R41 - McAfee, LLC)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
OpenVPN 2.5.0-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}) (Version: 2.5.019 - OpenVPN, Inc.)
R for Windows 4.1.1 (HKLM\...\R for Windows 4.1.1_is1) (Version: 4.1.1 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 2021.09.0+351 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.663 - McAfee, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m [2021-11-25] (Advanced Micro Devices Inc.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\microsoft.av1videoextension_1.1.41601.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20602.609.0_x64__rz1tebttyb220 [2021-10-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_8.20.2269.0_x64__17mer8kcn3j54 [2021-12-22] (Mirametrix Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-25] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-24] (LENOVO INC.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1320.12.119.0_x64__8xx8rvfyw5nnt [2021-12-16] (Facebook Inc) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-12] (Microsoft Studios) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.4.4.0_x64__bzg06mxvgh4fa [2022-01-14] (V3TApps)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-10-11] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)
Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2021-10-11] (Fortemedia)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-23] (Spotify AB) [Startup Task]
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2149.4.0_x64__cv1g1gvanyjgm [2022-01-23] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\stepa\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-12-29] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\stepa\Desktop\CATI NMS - Volani z domova\3. Prohlizec CATI NMS.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://cati.nms-mr.com
==================== Loaded Modules (Whitelisted) =============
2021-10-11 00:53 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2021-08-29 17:08 - 2021-08-29 17:11 - 000258048 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-04-14 23:50 - 2021-04-14 23:50 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-10-11 00:53 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2021-04-14 23:56 - 2021-04-14 23:56 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-01-13] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-17] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-11-20] (McAfee, LLC -> McAfee, LLC)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stepa\OneDrive\Pictures\background\rainbow_texture679.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{90BE4D9A-4E6F-4330-BE0C-93E3909186B9}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{142092D6-A540-4409-9F1A-2789A7966AD2}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{99717A7B-5B50-4519-BC22-A7802A869230}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DAC5FF3-5D23-4BDD-8ABD-DE43F17EE517}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8522670A-572B-45B2-AD6E-E5880CD6490E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6AC4204-A446-4AF9-BC9A-8720DEA41F35}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D429E0D-5D8F-4527-92D3-A5AE1EE482BF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C4363F-E59C-4DCC-BB68-58558EFF786B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A5191A0-2AF2-4AF1-982A-2A0DAB3DC749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65643EFB-AB0A-4460-807A-AA4C96AA3545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{37EAB394-6071-4794-87A6-4EEB10700F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{A99F274E-0462-41B5-98D0-FD763D25F5D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8659AC6B-F352-4E3A-B9C1-FC7B4A820447}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F707F5AE-5FCA-4DF4-A5EB-B2C435966C4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D96B337-9D2B-4D87-A20F-296E6718A554}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2473B47C-8CE8-4060-8467-C4F26D7E7340}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34A1B26B-916D-40F6-B0E2-3B34119F00A6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53E38E1-E230-4F0E-97D5-281741C5605A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{592B3B90-4FAB-48A0-B9B0-CB4AA0EF57AD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9BD50D10-8F03-48F2-A3FE-DAD613BAD1C2}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE9D95CE-574E-4916-AF88-A4E837EC9B7C}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{736FF52B-9B7D-41D1-880C-B3A6BCEB870B}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF7113C6-8069-42AB-BC1E-9AB2D2CCEEA5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{3C4EF203-176A-4B20-9F0E-A067B4E1437E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7ABC7093-FB2C-4F24-8CA0-232C2D11B41C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4345FE25-71DA-49F3-A8F5-C58426CDBF75}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{403CB423-6789-4828-BB7B-DD65B9CA3CCA}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{6DFD9827-E1EC-4041-9E07-4B575C888527}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F75880F5-76CD-4C1C-92FD-D210A6AD9635}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A8F3D334-BD5F-4E5A-BECC-6A382A9BBE0D}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{AB3EAEC8-48C8-47CF-8E5D-0C93B51782B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{697E4AEC-3CF2-4A81-B15D-71F115F35A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{2B7C6AC8-5966-4985-93E4-2D045A8C5658}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6453AFEB-B7CE-4AF1-8286-CA4AB535BE9D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{77D54001-8B4D-4401-90DC-6F4A47B28534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{D5D6CC11-3102-4E4F-A4CD-BAAB352F88F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{B153C39B-4E59-4865-A661-21F1B3540C1C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D6C8535B-1F8A-407D-A759-7F3429C7A3FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3A069091-6BCD-4B90-83A2-66450D1C6D07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6B608769-3630-486F-96C9-E795EB5FD23E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02CE6CD0-C9C4-4C38-AC63-5490783C71A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{433EAD33-C14F-46A6-A192-BB3E8B27E09E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E142D2D-1AAE-4C20-8E8D-463A6E7549B3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{71BE5422-B093-4D91-9E62-4EFCDF4FCA6B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61D7766B-3011-4D69-88EE-85C2FC300C1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{6FBA622D-98D4-4864-97B1-68BB7F453502}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{E0E2ED93-C868-4DAD-86B1-AA3EFEC11E04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B8393AB-AE75-4004-891E-1A74D1FF6068}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CE7196B-CEDE-453C-8617-7EEA0EB34E7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B81FAD9E-41C4-4927-8BB4-1598E136C832}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{751534B8-14A9-4A63-877A-757D12FE5235}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EA7890F8-7FD8-458E-B7EE-F155C3D6740B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{44AD6A89-7DD0-48E4-9982-9298DE34FA75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6DB9C9A7-0F50-4A20-9FC2-C7A24C748F21}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{85BB7811-2008-406A-B0F3-7148DEB8647E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{722915E1-EC29-4109-8BEE-1087C7B0E120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA8A2D58-19F2-445A-999F-80986F7D7E6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1A2BAD2-651D-4524-A3DE-E7FA739F60EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2AF69B7B-47AE-4404-BCAE-46DB8CBA9600}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:475.69 GB) (Free:253.24 GB) (53%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/15/2022 02:20:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: EpicWebHelper.exe, verze: 4.23.0.0, časové razítko: 0x61dc8e98
Název chybujícího modulu: libcef.dll, verze: 84.1.6.0, časové razítko: 0x5ed84288
Kód výjimky: 0x80000003
Posun chyby: 0x0000000002be0e39
ID chybujícího procesu: 0x1b0c
Čas spuštění chybující aplikace: 0x01d80a12b32e2a4c
Cesta k chybující aplikaci: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
ID zprávy: ff010605-d2b4-476d-b1b4-5f528721f9a4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/14/2022 04:12:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 14 Jan 2022 15:12:00 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a2d67399-17db-4345-97d8-54dd8b84eac0
Metoda: GET(204ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/14/2022 04:11:30 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/12/2022 09:25:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 12 Jan 2022 20:25:38 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1daf471e-8853-4cb8-abb3-7fe2cece9bfd
Metoda: GET(266ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:28 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-3LMH3KRC$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Jan 2022 23:57:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 01b238df-4fc5-490a-ae4d-2480965e637f
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/12/2022 12:57:00 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (01/25/2022 02:30:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/24/2022 11:50:14 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Microsoft Wi-Fi Direct Virtual Adapter #2, {479d73be-c7bf-440e-a523-e3e8c3caa1f8}, došlo k události 74.
Error: (01/23/2022 09:13:28 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.
Error: (01/20/2022 05:19:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/20/2022 04:16:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (01/19/2022 06:04:30 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/19/2022 04:51:43 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.
Error: (01/19/2022 03:06:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2022-01-25 02:30:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2CF7D384-1DDC-46DE-B073-BB94151A0028}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-24 13:20:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {41671466-5836-48A6-B00A-3A5708F0C7DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-20 17:03:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {19B878C8-E97D-45A7-8D0B-ACD56EDC18C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-19 12:54:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E3E3EE13-0F1A-4ADC-BF89-DA95B14F2852}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-01-18 01:49:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D5E24CAA-C5F7-4441-9B1F-A7E3694CA747}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-01-25 19:34:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswidsagent.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-25 12:27:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-01-25 12:27:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-01-25 12:27:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO G5CN16WW(V1.04) 02/03/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 5700U with Radeon Graphics
Percentage of memory in use: 64%
Total physical RAM: 15722.31 MB
Available physical RAM: 5587.3 MB
Total Virtual: 24938.31 MB
Available Virtual: 9859.8 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:253.24 GB) (Protected) NTFS
\\?\Volume{9e6b0568-7b8a-49ac-9a30-4b40ae471739}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{ca95f999-bea6-46fc-8c11-b2f477cb7ad0}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D29A838C)
Partition: GPT.
==================== End of Addition.txt =======================
