Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu kvůli divnému chování Chrome

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Prosím o kontrolu logu kvůli divnému chování Chrome

#1 Příspěvek od StepanMez »

Dobrý den,

prosím o kontrolu logu. Chrome mi sám od sebe přepnul na Yahoo jako výchozí vyhledávač. V poslední době jsem instaloval program OpenToonz a stahoval nějaký plugin s příponou .lua pro jiný program (to jsem nespouštěl a nakonec to šlo rovnou do koše). Než budu Chrome restartovat a čistit CCleanerem, chtěl bych požádat o kontrolu, jestli se mi do počítače s něčím nevkradla nějaká havěť.

Předem mockrát děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2022
Ran by stepa (administrator) on LAPTOP-3LMH3KRC (LENOVO 82LM) (20-07-2022 16:45:38)
Running from C:\Users\stepa\Desktop
Loaded Profiles: stepa
Platform: Microsoft Windows 10 Home Version 21H1 19043.1826 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoCompanionAppAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartInteractAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <3>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_9bbed958a3d29caf\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_9bbed958a3d29caf\FnHotkeyUtility.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_9bbed958a3d29caf\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1171184 2020-09-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213760 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\stepa\AppData\Local\Microsoft\Teams\Update.exe [2508552 2022-06-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32706000 2022-07-19] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [479632 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Run: [com.messenger] => "C:\Users\stepa\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
Startup: C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL.lnk [2022-07-09]
ShortcutTarget: DeepL.lnk -> C:\Users\stepa\AppData\Local\DeepL\app-4.0.6052\DeepL.exe (DeepL SE -> DeepL SE)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C8A1620-42A4-4EF5-AFF1-96622CC7BC47} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {0ED60875-487E-4B33-83CF-62129149B31A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {12A77F85-1BC0-401B-B31D-C751DE5D3216} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {12B60DF6-4F44-46A5-9835-4D530C0EFF9F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {148E4086-FECD-4E98-A577-99916BBF114E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22F9A61E-488D-4723-BDBB-89BBB1AE2E37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414176 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {26D476E5-07A3-4AC3-AA47-B659D72F3B81} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [181520 2022-02-16] (Lenovo -> Lenovo Group Ltd.)
Task: {35E88B78-D384-43F7-B7F9-17041A58C567} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9b4cac73-952b-4f40-8c27-d31ebb31936d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {389340AE-BA7D-4259-BAA8-96F1DF52820E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\eebec8cb-4395-491e-be7b-554d5f2dd75b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {3FB0A025-B67E-40A9-A3E8-D41CF58306B3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0eb3deab-68fc-40b5-a401-a85e9a86f6e7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {410EDD17-0C91-4935-BD41-0B56E7A73B34} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4682596F-0E8C-4274-AA56-1DA16F087FFB} - System32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {4B82195F-4664-4653-A1A1-4BB83BED120D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1915851472-2192339704-3292565872-1001 => C:\Users\stepa\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88408 2021-12-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {5C588CD2-0C6F-4BF7-BB0D-4DC1859916F4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {60446D0E-543F-41E8-B164-D660B99846E7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {607CD84D-78E2-4F8B-881E-95920A395EA8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {66183271-86EE-4904-9469-5BFB692E90AD} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6F01BAF0-5956-46E1-9207-5807364770DB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac54f51e-007a-417d-9cdb-30fb191327a3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {803A5F23-B389-4CC6-B17C-705DD3BE7B6E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {8645F14E-109D-4419-8DEF-917AC93B8D3F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90179170-1931-4F31-992D-15BA4A9CCD6E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ccb45f64-3b2d-420f-9db5-54f242f43783 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {90525F99-1BA2-4FA9-BA6F-7153F641A8C8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4938496 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
Task: {922EA311-6779-475B-86CD-AEE915C77899} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [147864 2022-05-12] (Lenovo -> Lenovo Group Ltd.)
Task: {99A873B2-3B96-4131-B8B3-ECDF53765135} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {A0B83ED7-CDE3-49CA-8E9E-A3B9D9E7D0E9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A90D2E19-82F5-4642-B012-DF9275A27132} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B6F9029E-707F-4518-8015-7E79A7E86131} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90920 2022-02-16] (Lenovo -> Lenovo Group Ltd.)
Task: {BD0B70CC-A06C-446E-A19F-8877A14B9FB5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378880 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {BFF50B86-3E1B-4EED-A1ED-CD26B809996E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C73CDA61-8704-4ED3-8264-2648F178C115} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C85187BD-5015-475B-A05D-8F4ECA7EF118} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414176 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC2A7E03-E963-43EC-8505-436AF6883AC1} - System32\Tasks\CCleanerSkipUAC - stepa => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD43DC0D-8792-4A71-8035-3FA365CAECC7} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {DDA15791-9245-4226-A6F9-D3A31153FB62} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E0EC762C-F598-4E32-87FF-5F0351D27B7E} - System32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
Task: {E7DC3C12-AF15-4EF5-8901-1EF39A03B512} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4201112 2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECC5E9DC-53FD-44A5-859C-E6203FA3C8AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378880 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{7905d5e9-e234-4f86-82cb-b7ebc618b509}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Edge:
=======
Edge Profile: C:\Users\stepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-08]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-06-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default [2022-07-20]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://teams.microsoft.com
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ714G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (I don't care about cookies) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-06-27]
CHR Extension: (QR Code Generator) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2022-02-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-27]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-07-20]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-07-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\stepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8486968 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [590080 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589056 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-10-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111264 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [377712 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_9bbed958a3d29caf\LenovoUtilityService.exe [231744 2022-04-25] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1820080 2021-02-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-07-20] (McAfee, LLC -> McAfee, LLC)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-10-11] (Microsoft Windows -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14770472 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [70416 2022-02-16] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_1c7347b4b6a6d779\amdacpafd.sys [265528 2020-11-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371308.inf_amd64_c59599ecd83880cd\B371312\amdkmdag.sys [83123536 2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41832 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235584 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [385560 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [258072 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104976 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25048 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47976 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274536 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553928 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113984 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [89056 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [860416 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [668208 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221528 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324864 2022-07-19] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-09-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 netrtp; C:\WINDOWS\System32\DRIVERS\netrtp.sys [46576 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-24] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-20 16:45 - 2022-07-20 16:46 - 000029952 _____ C:\Users\stepa\Desktop\FRST.txt
2022-07-19 21:08 - 2022-07-19 21:08 - 014076891 _____ C:\Users\stepa\Downloads\5.kolo (kopie) (1).pptx
2022-07-19 20:41 - 2022-07-19 20:42 - 014076284 _____ C:\Users\stepa\Downloads\5.kolo (1).pptx
2022-07-19 20:37 - 2022-07-19 20:37 - 008283302 _____ C:\Users\stepa\Downloads\4.kolo (kopie).pptx
2022-07-19 20:12 - 2022-07-19 20:12 - 008283040 _____ C:\Users\stepa\Downloads\4.kolo.pptx
2022-07-19 20:11 - 2022-07-19 20:12 - 008902918 _____ C:\Users\stepa\Downloads\3.kolo (kopie) (1).pptx
2022-07-19 20:11 - 2022-07-19 20:11 - 008902918 _____ C:\Users\stepa\Downloads\3.kolo (kopie).pptx
2022-07-19 19:56 - 2022-07-19 19:56 - 008902367 _____ C:\Users\stepa\Downloads\3.kolo.pptx
2022-07-19 19:45 - 2022-07-19 19:46 - 014267586 _____ C:\Users\stepa\Downloads\2.kolo (kopie).pptx
2022-07-19 19:27 - 2022-07-19 19:27 - 014267043 _____ C:\Users\stepa\Downloads\2.kolo.pptx
2022-07-19 19:01 - 2022-07-19 18:58 - 010005508 _____ C:\Users\stepa\Downloads\1.kolo - kopie.pptx
2022-07-19 18:58 - 2022-07-19 19:00 - 000032949 _____ C:\Users\stepa\Desktop\test.pptx
2022-07-19 18:57 - 2022-07-19 18:58 - 010005848 _____ C:\Users\stepa\Downloads\1.kolo (kopie).pptx
2022-07-19 18:57 - 2022-07-19 18:58 - 010005508 _____ C:\Users\stepa\Downloads\1.kolo.pptx
2022-07-19 18:57 - 2022-07-19 18:57 - 000270592 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-07-19 18:57 - 2022-07-19 18:57 - 000221528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-07-19 12:45 - 2022-07-19 12:45 - 000000165 _____ C:\Users\stepa\Downloads\_$nápovědy.pptx
2022-07-19 12:40 - 2022-07-19 12:40 - 253189956 _____ C:\Users\stepa\Downloads\Videostop.pptx
2022-07-19 12:40 - 2022-07-19 12:40 - 000488409 _____ C:\Users\stepa\Downloads\bludiště.pptx
2022-07-19 12:37 - 2022-07-19 12:37 - 010413182 _____ C:\Users\stepa\Downloads\Poklad Anežky České.pptx
2022-07-19 12:30 - 2022-07-19 12:30 - 000578370 _____ C:\Users\stepa\Downloads\RISKUJ (1).pptx
2022-07-19 12:26 - 2022-07-19 12:26 - 006786747 _____ C:\Users\stepa\Downloads\Milionář.pptx
2022-07-17 14:26 - 2022-07-17 14:26 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-17 14:26 - 2022-07-17 14:26 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-17 14:26 - 2022-07-17 14:26 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-17 14:26 - 2022-07-17 14:26 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-17 14:26 - 2022-07-17 14:26 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-17 14:26 - 2022-07-17 14:26 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-17 14:26 - 2022-07-17 14:26 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-17 14:26 - 2022-07-17 14:26 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-17 14:26 - 2022-07-17 14:26 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-17 14:26 - 2022-07-17 14:26 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-17 14:19 - 2022-07-17 14:19 - 000000000 ___HD C:\$WinREAgent
2022-07-17 14:15 - 2022-07-19 18:08 - 000000000 ____D C:\Users\stepa\Desktop\Rozhovor pro fakulutu
2022-07-15 12:52 - 2022-07-15 12:52 - 000328439 _____ C:\Users\stepa\Downloads\Martínková CV (1).pptx
2022-07-15 12:36 - 2022-07-15 12:46 - 000328650 _____ C:\Users\stepa\Downloads\Martínková CV.pptx
2022-07-11 23:45 - 2022-07-11 23:49 - 1962671465 _____ C:\Users\stepa\Downloads\František je děvkař (2008).mp4
2022-07-10 13:51 - 2022-07-10 13:51 - 000044914 _____ C:\Users\stepa\Downloads\Reactor-Installer.lua
2022-07-09 23:55 - 2022-07-10 00:43 - 000038919 _____ C:\Users\stepa\Desktop\Věštkyně.pptx
2022-07-09 23:35 - 2022-07-09 23:35 - 000000000 ____D C:\Users\stepa\AppData\Local\OpenToonz
2022-07-09 23:34 - 2022-07-09 23:35 - 000000000 ____D C:\OpenToonz stuff
2022-07-09 23:33 - 2022-07-09 23:34 - 053739440 _____ (DWANGO Co., Ltd. ) C:\Users\stepa\Downloads\OpenToonzSetup.exe
2022-07-09 22:24 - 2022-07-09 22:24 - 000001319 _____ C:\Users\stepa\Desktop\Blender.lnk
2022-07-09 22:24 - 2022-07-09 22:24 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\blender
2022-07-09 22:23 - 2022-07-09 22:23 - 000000000 ____D C:\Program Files\Blender Foundation
2022-07-09 22:20 - 2022-07-09 22:20 - 224141312 _____ C:\Users\stepa\Downloads\blender-3.2.1-windows-x64.msi
2022-07-09 18:03 - 2022-07-09 18:03 - 000000000 ____D C:\Users\stepa\AppData\Roaming\0install.net
2022-07-09 18:03 - 2022-07-09 18:03 - 000000000 ____D C:\Users\stepa\AppData\Local\0install.net
2022-07-06 18:03 - 2022-07-09 23:50 - 000000000 ____D C:\ProgramData\obs-studio-hook
2022-07-06 18:03 - 2022-07-09 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2022-07-06 17:14 - 2022-07-06 17:15 - 117961440 _____ (OBS Project) C:\Users\stepa\Downloads\OBS-Studio-27.2.4-Full-Installer-x64.exe
2022-07-03 15:48 - 2022-07-03 15:48 - 000000000 ____D C:\Users\stepa\.ms-ad
2022-06-27 16:50 - 2022-06-29 18:15 - 000000000 ____D C:\Users\stepa\Desktop\diplomka teze
2022-06-27 14:49 - 2022-06-27 14:49 - 000025048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-20 16:45 - 2022-01-25 22:04 - 000000000 ____D C:\FRST
2022-07-20 16:44 - 2021-10-11 01:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-20 16:41 - 2022-01-26 14:04 - 000000000 ____D C:\Users\stepa\Desktop\FRST-OlderVersion
2022-07-20 16:41 - 2022-01-25 22:00 - 002369536 _____ (Farbar) C:\Users\stepa\Desktop\FRST64.exe
2022-07-20 16:39 - 2022-04-21 14:39 - 000003478 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489}
2022-07-20 16:39 - 2022-04-21 14:39 - 000003254 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342}
2022-07-20 16:39 - 2021-12-12 16:41 - 000003066 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-07-20 16:39 - 2021-11-29 19:39 - 000003354 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F95A899A-FAB6-4AA6-8240-140235E151DC}
2022-07-20 16:39 - 2021-10-11 01:32 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-07-20 16:39 - 2021-10-11 01:32 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - stepa
2022-07-20 16:39 - 2021-10-11 01:26 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-07-20 16:39 - 2021-10-11 01:13 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1915851472-2192339704-3292565872-1001
2022-07-20 16:39 - 2021-10-10 23:55 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-20 16:39 - 2021-10-10 23:55 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-20 16:37 - 2021-10-11 01:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-07-20 16:35 - 2021-10-10 23:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-20 15:37 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-20 15:37 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-20 15:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-20 15:02 - 2021-10-12 18:27 - 000000000 ____D C:\Users\stepa\AppData\Roaming\vlc
2022-07-20 14:26 - 2021-10-11 01:11 - 000000000 ____D C:\Users\stepa\AppData\Local\D3DSCache
2022-07-20 13:48 - 2021-10-11 00:16 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-20 13:48 - 2019-12-07 16:41 - 000717834 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-20 13:48 - 2019-12-07 16:41 - 000144996 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-20 13:48 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-20 13:44 - 2021-10-11 01:32 - 000000000 ____D C:\Program Files\CCleaner
2022-07-20 13:44 - 2021-08-29 13:22 - 000000000 ___RD C:\Users\stepa\OneDrive
2022-07-19 21:18 - 2021-10-13 09:34 - 000000000 ____D C:\Program Files\TeamViewer
2022-07-19 21:18 - 2021-10-11 01:30 - 000000000 ____D C:\ProgramData\Avast Software
2022-07-19 21:18 - 2021-10-10 23:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-19 21:18 - 2021-10-10 23:55 - 000000000 ____D C:\ProgramData\Goodix
2022-07-19 21:18 - 2021-10-10 23:54 - 000437064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-19 21:18 - 2020-11-27 02:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-19 21:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-07-19 21:18 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-19 21:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-19 18:57 - 2021-10-11 01:33 - 000860416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000668208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000553928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000385560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000324864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000274536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000258072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000113984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000104976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000089056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000047976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000041832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-07-19 18:57 - 2021-10-11 01:33 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-07-19 18:57 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-07-18 22:04 - 2021-10-10 23:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-18 22:04 - 2020-11-19 09:32 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-17 14:29 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-17 14:26 - 2021-10-10 23:57 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-17 14:18 - 2021-10-13 00:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-17 14:14 - 2022-02-08 15:52 - 000000000 ____D C:\Users\stepa\AppData\Roaming\Messenger
2022-07-17 14:14 - 2022-02-08 15:52 - 000000000 ____D C:\Users\stepa\AppData\Local\Messenger
2022-07-17 14:14 - 2021-10-11 02:05 - 000000000 ____D C:\Users\stepa\AppData\Local\CrashDumps
2022-07-17 14:09 - 2021-10-13 00:30 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-10 00:19 - 2021-10-22 09:06 - 000013098 _____ C:\WINDOWS\storelibdebug.txt
2022-07-09 23:18 - 2021-10-11 01:11 - 000000000 ____D C:\Users\stepa\AppData\Local\Packages
2022-07-09 18:03 - 2022-02-22 15:33 - 000000000 ____D C:\Users\stepa\AppData\Local\DeepL
2022-07-09 11:41 - 2021-04-15 00:50 - 000000000 ____D C:\Program Files\Microsoft Office
2022-07-07 23:08 - 2021-10-11 00:08 - 000002392 _____ C:\Users\stepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-06 22:40 - 2021-10-11 01:15 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-06 22:40 - 2021-10-11 01:15 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-03 15:48 - 2021-10-11 00:08 - 000000000 ____D C:\Users\stepa
2022-06-27 00:05 - 2021-10-11 01:25 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-06-27 00:05 - 2021-10-11 01:25 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-06-26 16:25 - 2020-11-19 09:33 - 000000000 ____D C:\ProgramData\Packages
2022-06-24 01:37 - 2021-10-10 23:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-06-20 19:31 - 2021-11-06 17:07 - 000000000 ____D C:\Users\stepa\AppData\Roaming\audacity

==================== Files in the root of some directories ========

2022-05-10 17:08 - 2022-05-10 17:08 - 000000218 _____ () C:\Users\stepa\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2022
Ran by stepa (20-07-2022 16:47:20)
Running from C:\Users\stepa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1826 (X64) (2021-10-10 22:16:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1915851472-2192339704-3292565872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1915851472-2192339704-3292565872-503 - Limited - Disabled)
Guest (S-1-5-21-1915851472-2192339704-3292565872-501 - Limited - Disabled)
stepa (S-1-5-21-1915851472-2192339704-3292565872-1001 - Administrator - Enabled) => C:\Users\stepa
WDAGUtilityAccount (S-1-5-21-1915851472-2192339704-3292565872-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20142 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Assassin's Creed 1 (HKLM-x32\...\Uplay Install 82) (Version: - Ubisoft)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.6.6022 - Avast Software)
Blackmagic RAW Common Components (HKLM\...\{7C42C191-D936-4CA3-9B25-829BF37F1ECD}) (Version: 2.3 - Blackmagic Design)
blender (HKLM\...\{A72A2DF9-8505-48E0-8CBA-49252FBF4600}) (Version: 3.2.1 - Blender Foundation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
DaVinci Resolve (HKLM\...\{5324FAF4-CFA8-4050-92E8-9C260E1F49CC}) (Version: 17.4.40007 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design)
DeepL (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\DeepL) (Version: 4.0.6052 - DeepL SE)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
IBM SPSS Statistics 26 (HKLM-x32\...\{1AC22BAE-DC13-4991-9910-AE3743A4592D}) (Version: 26.0.0.0 - IBM Corp)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.1.2- - Inkscape)
jamovi 2.2.5.0 (HKLM-x32\...\jamovi 2.2.5.0) (Version: 2.2.5.0 - The jamovi Project)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.9 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Messenger (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 138.0.348389699 - Facebook, Inc.)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.15330.20230 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\Teams) (Version: 1.5.00.12969 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29913 (HKLM\...\{620A7633-7A09-42A8-8580-076A4483C4B0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29913 (HKLM\...\{EECDD137-13DA-46ED-ADA0-BDF7F8BE65B8}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
MSI Afterburner 4.6.4 Beta 4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 4 - MSI Co., LTD)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
R for Windows 4.1.1 (HKLM\...\R for Windows 4.1.1_is1) (Version: 4.1.1 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 2021.09.0+351 - RStudio)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 126.0.10593 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.747 - McAfee, LLC)
WhatsApp (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\WhatsApp) (Version: 2.2218.8 - WhatsApp)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\ZoomUMX) (Version: 5.9.1 (2581) - Zoom Video Communications, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m [2021-11-25] (Advanced Micro Devices Inc.) [Startup Task]
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.51091.0_x64__8wekyb3d8bbwe [2022-05-08] (Microsoft Corporation)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20602.609.0_x64__rz1tebttyb220 [2021-10-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-19] (Microsoft Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_9.21.1457.0_x64__17mer8kcn3j54 [2022-07-19] (Mirametrix Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4 [2022-06-26] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2206.16.0_x64__k1h2ywk1493x8 [2022-06-28] (LENOVO INC.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1560.21.216.0_x64__8xx8rvfyw5nnt [2022-07-20] (Meta) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-11] (Microsoft Studios) [MS Ad]
Movie Maker - Video Editor FREE -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.5.3.0_x64__bzg06mxvgh4fa [2022-07-19] (V3TApps)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.17.231.0_x64__dt26b99r8h8gj [2021-10-11] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Smart Microphone Setting -> C:\Program Files\WindowsApps\4505Fortemedia.FMAPOControl_1.0.38.0_x64__4pejv7q2gmsnr [2021-10-11] (Fortemedia)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0 [2022-07-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\stepa\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22117.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-19] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-11-30] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-09-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-07-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-15 00:56 - 2021-04-15 00:56 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2021-08-29 18:08 - 2021-08-29 18:11 - 000258048 _____ () [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2021-04-15 00:56 - 2021-04-15 00:56 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\sharepoint.com -> hxxps://fsvuk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stepa\OneDrive\Pictures\background\rainbow_texture679.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\StartupFolder: => "DeepL.lnk"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\...\StartupApproved\Run: => "com.messenger"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{99717A7B-5B50-4519-BC22-A7802A869230}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DAC5FF3-5D23-4BDD-8ABD-DE43F17EE517}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8522670A-572B-45B2-AD6E-E5880CD6490E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6AC4204-A446-4AF9-BC9A-8720DEA41F35}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9D429E0D-5D8F-4527-92D3-A5AE1EE482BF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C4363F-E59C-4DCC-BB68-58558EFF786B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2A5191A0-2AF2-4AF1-982A-2A0DAB3DC749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BB7AB787-A398-4CFE-BF5F-E1B6745CD56F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F672B85-0E36-48D8-B05D-910954EBC9C4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{65643EFB-AB0A-4460-807A-AA4C96AA3545}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{37EAB394-6071-4794-87A6-4EEB10700F5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wesnoth\wesnoth.exe (The Battle for Wesnoth Project) [File not signed]
FirewallRules: [{A99F274E-0462-41B5-98D0-FD763D25F5D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{8659AC6B-F352-4E3A-B9C1-FC7B4A820447}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{F707F5AE-5FCA-4DF4-A5EB-B2C435966C4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D96B337-9D2B-4D87-A20F-296E6718A554}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2473B47C-8CE8-4060-8467-C4F26D7E7340}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{34A1B26B-916D-40F6-B0E2-3B34119F00A6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A53E38E1-E230-4F0E-97D5-281741C5605A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{592B3B90-4FAB-48A0-B9B0-CB4AA0EF57AD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9BD50D10-8F03-48F2-A3FE-DAD613BAD1C2}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AE9D95CE-574E-4916-AF88-A4E837EC9B7C}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{736FF52B-9B7D-41D1-880C-B3A6BCEB870B}] => (Allow) C:\Users\stepa\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF7113C6-8069-42AB-BC1E-9AB2D2CCEEA5}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{3C4EF203-176A-4B20-9F0E-A067B4E1437E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7ABC7093-FB2C-4F24-8CA0-232C2D11B41C}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{4345FE25-71DA-49F3-A8F5-C58426CDBF75}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.com (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{403CB423-6789-4828-BB7B-DD65B9CA3CCA}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{6DFD9827-E1EC-4041-9E07-4B575C888527}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{F75880F5-76CD-4C1C-92FD-D210A6AD9635}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{A8F3D334-BD5F-4E5A-BECC-6A382A9BBE0D}] => (Allow) C:\Program Files (x86)\IBM\SPSS\Statistics\26\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{AB3EAEC8-48C8-47CF-8E5D-0C93B51782B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{697E4AEC-3CF2-4A81-B15D-71F115F35A58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe () [File not signed]
FirewallRules: [{2B7C6AC8-5966-4985-93E4-2D045A8C5658}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6453AFEB-B7CE-4AF1-8286-CA4AB535BE9D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{77D54001-8B4D-4401-90DC-6F4A47B28534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{D5D6CC11-3102-4E4F-A4CD-BAAB352F88F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe (Warner Bros. Interactive Entertainment, Inc. -> Rocksteady Studios Ltd.)
FirewallRules: [{B153C39B-4E59-4865-A661-21F1B3540C1C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D6C8535B-1F8A-407D-A759-7F3429C7A3FD}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3E142D2D-1AAE-4C20-8E8D-463A6E7549B3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{71BE5422-B093-4D91-9E62-4EFCDF4FCA6B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{61D7766B-3011-4D69-88EE-85C2FC300C1F}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{6FBA622D-98D4-4864-97B1-68BB7F453502}] => (Allow) C:\Program Files (x86)\Lenovo\Lsf\Lsf.exe (Lenovo -> 联想软件)
FirewallRules: [{E0E2ED93-C868-4DAD-86B1-AA3EFEC11E04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B8393AB-AE75-4004-891E-1A74D1FF6068}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CE7196B-CEDE-453C-8617-7EEA0EB34E7C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3DD71A5-119C-4D3B-A342-AB15699538B5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0082C6D3-1D0F-4101-810F-7BC8FA1AD764}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{93E8F37E-8EE0-4279-883B-E1667BCEECC8}C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{66A2F6E6-3E6A-479F-92DE-50DBBDB86C46}C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\stepa\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F53F55E8-15B5-4D86-B594-D3D7D23768ED}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{6D50AF55-556F-47CF-BDF1-666D7A9AA0F5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{565FDA2D-A812-47F5-A07F-67544EE25548}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{75AB1316-564A-448D-AF84-887F6A0A2605}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{8EB60B07-DAE6-4C4A-A372-B023DF7F6501}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{79BAC10A-5811-4A56-8540-CB95125F5BDE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{FAB45157-04EF-4FC8-9BB2-884F4495CD2E}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{057B133F-9501-4BCE-89F9-AAA9FBE71EE8}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{E3219C35-F6AB-46BF-A70F-2F4E728DAEE7}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Block) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{0BCCF83A-8134-4F9C-8546-4BEEB57FD963}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{106B351E-48C7-4DC1-9398-C36349BE1840}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Block) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{829A84A3-8DC8-48AC-B9BD-9F8FD3F2912D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{CABD3C58-C3CF-4E80-B953-1BC9D983DB30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{B4F24B91-B7C7-458F-9842-A25E26C63F92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{C89EAD2A-91A2-46DC-A9D6-7DE73B6801E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{FADAC0DD-6BED-49AB-AFB5-65254159D564}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D9C3F06F-217C-4767-9B22-78ECBC05F147}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{375E4D18-0D80-4CDD-935B-3B2DF4A3D032}C:\program files (x86)\ibm\spss\statistics\26\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [UDP Query User{03EA7205-FCB7-49D3-AEF0-416D6DC26D9F}C:\program files (x86)\ibm\spss\statistics\26\stats.exe] => (Allow) C:\program files (x86)\ibm\spss\statistics\26\stats.exe (International Business Machines Corporation -> IBM Corp.)
FirewallRules: [{97898DBF-A49D-4EB8-BA20-6DFF74C335FC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A905E4EF-515A-4645-935E-BA2DE1273F84}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{97AC19CF-CC57-441D-9C67-603A40689162}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Block) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{9E44F153-3525-4906-A25D-9BFA252DC22C}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Block) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7C6CC836-EF4E-4C78-8F57-2CF1C7725CE6}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7D874BDD-9F4C-4DDC-ACCC-F3AC22782988}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0F9FFDF5-C99F-4330-8F0A-CFF9372A8BA5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{140313F3-B842-4779-B1E6-CA78DE33F74D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E1F006A7-9900-4430-AB58-25BCED3AF405}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A3F52BD7-E32B-4359-8FBC-9671A91ADCC7}C:\program files\opentoonz\opentoonz.exe] => (Block) C:\program files\opentoonz\opentoonz.exe => No File
FirewallRules: [UDP Query User{E7ED6B65-7C30-4269-97D8-CD8D09E416B5}C:\program files\opentoonz\opentoonz.exe] => (Block) C:\program files\opentoonz\opentoonz.exe => No File
FirewallRules: [{57091367-9A22-4A29-8700-AFE7128FC554}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9080F482-8E89-475C-921B-AA0CAE07343F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1CEA54B5-4E8E-4D3F-8CC2-C534BB28DB1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FB9FFBEB-DA0A-48DB-9A8E-F590B202541F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{28AD205C-6EF8-4896-8B94-9268DC7E33E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B60CB3CC-4924-4BF2-A9EF-6EF89639B77C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EAD32C04-79FC-4A3A-AA8A-3A9CAB87C4B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E70C4740-3506-44E8-986E-744CA15B8E71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C26D5CBD-A560-45FA-AB02-4DFD2A937A6F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E190A36A-63C7-49C3-B441-51492810E412}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B793F98-FBAD-4E70-A64E-47124348E1BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2259955-52FF-4E38-9D96-BCCD11869F29}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3858488C-EA1A-41B3-A67B-A335BB0960B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59C901E9-04DD-4274-935C-ED64697ABA28}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5B252FD9-681A-466B-831C-CA26EA23389F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

09-07-2022 22:23:12 Installed blender
17-07-2022 14:18:59 Instalační služba modulů systému Windows
17-07-2022 14:20:35 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Virtuální adaptér Microsoft Wi-Fi Direct
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/19/2022 09:18:59 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, identifikátor PID: 4644, identifikátor PID ProfSvc: 2612.

Error: (07/17/2022 02:14:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Messenger.exe, verze: 138.0.0.0, časové razítko: 0xb8d94249
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000071208
ID chybujícího procesu: 0x3f2c
Čas spuštění chybující aplikace: 0x01d8985616bf4ad6
Cesta k chybující aplikaci: C:\Users\stepa\AppData\Local\Programs\Messenger\Messenger.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: b3489c37-4414-48a0-825f-e4d915ecdf17
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/10/2022 01:21:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (07/10/2022 01:21:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (07/10/2022 01:21:02 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (07/10/2022 01:21:02 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/27/2022 11:03:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/27/2022 10:27:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.1566, časové razítko: 0x1f37eb46
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1741, časové razítko: 0xe9b4a91b
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000010fa32
ID chybujícího procesu: 0x718
Čas spuštění chybující aplikace: 0x01d889ffc0834b13
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 844701fb-f4a3-4636-8e4e-f6595cb01d09
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (07/19/2022 01:02:01 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/19/2022 05:40:55 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/19/2022 05:40:51 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/18/2022 10:24:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter08.dll
Kód chyby: 21

Error: (07/17/2022 03:20:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/16/2022 04:33:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/16/2022 03:12:35 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/15/2022 05:53:36 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2022-07-19 17:04:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {05E13146-E3D9-4068-8E64-AC16579530EF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-07-15 17:37:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {27AE72BE-2438-455D-87CE-458CE9071FDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-07-15 15:29:35
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {10C9B6A6-FEA0-48B0-99D3-E7473C0B3FCE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-07-11 23:53:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8B4A6DD3-D866-4132-BF1B-63D195AD297A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-07-09 18:52:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B075770D-0B03-4E45-A52A-043880B90D8D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-07-18 22:23:59
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.371.203.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19400.3
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2022-07-20 16:33:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-07-20 15:19:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-07-20 13:44:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO G5CN16WW(V1.04) 02/03/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 5700U with Radeon Graphics
Percentage of memory in use: 46%
Total physical RAM: 15722.31 MB
Available physical RAM: 8372.78 MB
Total Virtual: 18154.31 MB
Available Virtual: 7227.77 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:128.77 GB) (Model: WDC PC SN530 SDBPMPZ-512G-1101) (Protected) NTFS

\\?\Volume{9e6b0568-7b8a-49ac-9a30-4b40ae471739}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{ca95f999-bea6-46fc-8c11-b2f477cb7ad0}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: D29A838C)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu kvůli divnému chování Chrome

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Re: Prosím o kontrolu logu kvůli divnému chování Chrome

#3 Příspěvek od StepanMez »

počítač se sám od sebe nerestartoaval, log přidávám :-)

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-20-2022
# Duration: 00:00:03
# OS: Windows 10 Home
# Scanned: 32061
# Detected: 7


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\stepa\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoServiceBridge Folder C:\Users\stepa\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1


AdwCleaner[S00].txt - [2206 octets] - [26/01/2022 00:10:19]
AdwCleaner[C00].txt - [1642 octets] - [26/01/2022 00:19:15]
AdwCleaner[S01].txt - [2244 octets] - [20/07/2022 17:21:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu kvůli divnému chování Chrome

#4 Příspěvek od Rudy »

Neměl důvod, preinstalled jsou jen neškodné utility od Lenova. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4682596F-0E8C-4274-AA56-1DA16F087FFB} - System32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
ask: {E0EC762C-F598-4E32-87FF-5F0351D27B7E} - System32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342}
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
FirewallRules: [TCP Query User{A3F52BD7-E32B-4359-8FBC-9671A91ADCC7}C:\program files\opentoonz\opentoonz.exe] => (Block) C:\program files\opentoonz\opentoonz.exe => No File
FirewallRules: [UDP Query User{E7ED6B65-7C30-4269-97D8-CD8D09E416B5}C:\program files\opentoonz\opentoonz.exe] => (Block) C:\program files\opentoonz\opentoonz.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Re: Prosím o kontrolu logu kvůli divnému chování Chrome

#5 Příspěvek od StepanMez »

Aha, děkuji za vysvětlení :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-07-2022
Ran by stepa (22-07-2022 16:03:01) Run:2
Running from C:\Users\stepa\Desktop
Loaded Profiles: stepa
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4682596F-0E8C-4274-AA56-1DA16F087FFB} - System32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
ask: {E0EC762C-F598-4E32-87FF-5F0351D27B7E} - System32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC)
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342}
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> DefaultScope {284E3018-91B6-4213-989F-8AF180E07044} URL =
SearchScopes: HKU\S-1-5-21-1915851472-2192339704-3292565872-1001 -> {284E3018-91B6-4213-989F-8AF180E07044} URL =
FirewallRules: [TCP Query User{A3F52BD7-E32B-4359-8FBC-9671A91ADCC7}C:\program files\opentoonz\opentoonz.exe] => (Block) C:\program files\opentoonz\opentoonz.exe => No File
FirewallRules: [UDP Query User{E7ED6B65-7C30-4269-97D8-CD8D09E416B5}C:\program files\opentoonz\opentoonz.exe] => (Block) C:\program files\opentoonz\opentoonz.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4682596F-0E8C-4274-AA56-1DA16F087FFB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4682596F-0E8C-4274-AA56-1DA16F087FFB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342}" => removed successfully
ask: {E0EC762C-F598-4E32-87FF-5F0351D27B7E} - System32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-11] (Google LLC -> Google LLC) => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{3B07CC98-1EA9-469D-A2F0-5BE70B54B489} => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{E1136D66-F3FF-44FD-BF11-386938570342}" => not found
"HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1915851472-2192339704-3292565872-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{284E3018-91B6-4213-989F-8AF180E07044} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A3F52BD7-E32B-4359-8FBC-9671A91ADCC7}C:\program files\opentoonz\opentoonz.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E7ED6B65-7C30-4269-97D8-CD8D09E416B5}C:\program files\opentoonz\opentoonz.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31620897 B
Java, Discord, Steam htmlcache => 318885747 B
Windows/system/drivers => 21670524 B
Edge => 0 B
Chrome => 809074512 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 538079 B
systemprofile32 => 538079 B
LocalService => 585091 B
NetworkService => 693509 B
stepa => 179402596 B

RecycleBin => 1114784480 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-07-2022 16:05:37)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 16:05:37 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu kvůli divnému chování Chrome

#6 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Re: Prosím o kontrolu logu kvůli divnému chování Chrome

#7 Příspěvek od StepanMez »

Děkuji za vyčištění :)
Chrome se sám od sebe nevrátil, ale to jsem ani nečekal. Reset nastavení na výchozí hodnoty to opravil.
Ještě jednou děkuji a přeji hezký den.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu kvůli divnému chování Chrome

#8 Příspěvek od Rudy »

OK, to jsem rád. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno