Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (15-10-2022 09:58:49)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\AVGBrowserCrashHandler64.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoCompanionAppAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.111.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [249088 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\105.0.18469.128\Installer\chrmstp.exe [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {2090FC70-863A-48DE-BC74-6178EFB966D8} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {29F408BF-DDF6-4E59-84DD-81FAB1FC8B5F} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2977528 2022-09-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3F56CAF0-8BE1-48DE-920A-A6C1D99D3EF8} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {56A6EA05-EC93-41B9-A0BC-D23CFFEB5F98} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6E6C8F24-C53F-45B6-95CA-F9B5E1EC1F2F} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2977528 2022-09-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C29E184A-BF3D-456D-88D8-8C2BC60A9CC3} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4983040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D48BBE43-9EA1-40DE-B8E5-C2716444986A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\93770316-ef07-4d9c-a4ed-91a508bcb01c => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-15]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\npAvgBrowserUpdate3.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\npAvgBrowserUpdate3.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [628992 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [628480 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8549936 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\105.0.18469.128\elevation_service.exe [1997112 2022-09-14] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [42424 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [238280 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [390152 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [258576 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [106512 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [25064 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [48640 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [276640 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [558688 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [114624 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [90144 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [863088 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [671864 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [222104 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [328064 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49576 2022-09-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [453904 2022-09-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-11] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-15 09:14 - 2022-10-15 09:37 - 000027674 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-15 09:59 - 000025979 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-15 09:59 - 000000000 ____D C:\FRST
2022-10-15 09:11 - 2022-10-15 09:12 - 002373120 _____ (Farbar) C:\Users\zilak\Downloads\FRST64 (1).exe
2022-10-15 09:11 - 2022-10-15 09:11 - 002373120 _____ (Farbar) C:\Users\zilak\Downloads\Nepotvrzeno 482938.crdownload
2022-10-15 08:59 - 2022-10-15 08:59 - 000025064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgElam.sys
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:38 - 2022-10-10 18:38 - 000003826 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2022-10-10 18:38 - 2022-10-10 18:38 - 000003242 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2022-10-10 18:38 - 2022-10-10 18:38 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2022-10-10 18:37 - 2022-10-10 18:38 - 000000000 ____D C:\Users\zilak\AppData\Local\AVG
2022-10-10 18:37 - 2022-10-10 18:37 - 000003468 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineUA
2022-10-10 18:37 - 2022-10-10 18:37 - 000003344 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineCore
2022-10-10 18:37 - 2022-10-10 18:37 - 000000000 ____D C:\Program Files (x86)\AVG
2022-10-10 18:36 - 2022-10-10 18:36 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2022-10-10 18:36 - 2022-10-10 18:36 - 000000000 ____D C:\Users\zilak\AppData\Roaming\AVG
2022-10-10 18:35 - 2022-10-15 08:57 - 000004266 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2022-10-10 18:35 - 2022-10-10 18:35 - 000863088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000671864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000558688 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000390152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000328064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000276640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000270592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2022-10-10 18:35 - 2022-10-10 18:35 - 000258576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000238280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000222104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000114624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000106512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000090144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000048640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000042424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2022-10-10 18:35 - 2022-10-10 18:35 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-10-10 18:34 - 2022-10-10 19:22 - 000000000 ____D C:\ProgramData\AVG
2022-10-10 18:34 - 2022-10-10 18:34 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\zilak\Downloads\avg_antivirus_free_setup.exe
2022-10-10 18:34 - 2022-10-10 18:34 - 000000000 ____D C:\Program Files\AVG
2022-10-08 11:25 - 2022-10-15 09:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-08 11:21 - 2022-10-08 11:21 - 000268512 _____ (AVAST Software) C:\Users\zilak\Downloads\avast_free_antivirus_setup_online.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-15 09:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-15 09:34 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-15 09:15 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 09:06 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-15 09:06 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-15 09:06 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-15 09:06 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-15 09:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-15 08:58 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-15 08:55 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 08:54 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-15 08:54 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-15 08:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-10 19:22 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-10 18:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-08 23:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2022
Ran by zilak (15-10-2022 09:59:47)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 22.9.3254 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 105.0.18469.128 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4 [2022-06-25] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0 [2022-09-30] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2C7F9A97-C27A-42E4-8D69-3DAF867BC4A1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86EC4033-40F7-4195-9272-1FA7DB5A616F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3662071-8A25-4D3F-B649-2AB5C13AB0E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6ADFDDB4-5491-42DA-9053-0B92699C9974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3016C36-FA1D-4637-8EB9-BE852DD13D95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0A90432-3BC7-4774-A517-27F2DD04334E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B72A7259-7A62-45E1-ABAC-12AF1B75064F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B362BEF-688F-44A9-A691-3D334D2CD3B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FAFA3872-CAC9-413E-B8FB-9A8755EB64B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{59801C7E-D9C9-429D-BD69-F6ACC3A2AC63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{909363D5-181A-4731-80ED-007E73011C0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73BCFE01-4D44-484C-A8FC-99B4246AD555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3BA00785-41A4-49DE-A180-E29BF0131D42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B40F501A-434F-432E-A1BE-BACB8B3E45A9}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{46539B8D-A727-4ABE-9A6B-74F5C9DAF73B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{77707101-E7C5-4B56-A505-A5A71CFDB4E3}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{10DB858A-D2BE-428D-9EA9-68325B3C0456}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AD1CA9FF-1E90-4E7F-A183-1F5B0C24980F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:61.69 GB) (52%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/15/2022 08:54:22 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
Metoda: GET(94ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (10/11/2022 04:18:43 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Oct 2022 14:18:42 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 87ad1c19-2b11-4c42-8a2d-46a46864bf15
Metoda: GET(4391ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/10/2022 07:38:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1138
Čas spuštění: 01d8dccefacd4529
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
ID hlášení: 2e6c72f2-3e81-4cd3-aa2c-1cc3e064d1af
Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/10/2022 07:35:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1928
Čas spuštění: 01d8dcccece29b25
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
ID hlášení: 75669450-d3f2-4f4f-a7b8-e765bc127a76
Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (10/10/2022 07:28:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1949 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1ca4
Čas spuštění: 01d8dcccede4023a
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: cf7a4477-669d-4226-a4af-7cb464fa9092
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: CortanaUI
Typ zablokování: Quiesce
Error: (10/10/2022 07:22:35 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 10 Oct 2022 17:22:35 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3b9e22ed-de95-4482-a80b-ef10c8715ed3
Metoda: GET(453ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/10/2022 06:44:26 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 10 Oct 2022 16:44:25 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 409af5a3-ad36-4043-9768-41f8d2257629
Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/08/2022 11:13:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 08 Oct 2022 21:13:39 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a03f605e-8904-4928-8c4b-ede3eb6d871b
Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (10/15/2022 08:56:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H1 pro systémy typu x64 (KB5005463).
Error: (10/15/2022 08:54:00 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/15/2022 08:54:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:48:23, 12.10.2022) bylo neočekávané.
Error: (10/11/2022 05:46:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-31VCA373)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/11/2022 05:46:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-31VCA373)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/11/2022 05:46:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-31VCA373)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/11/2022 04:27:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H1 pro systémy typu x64 (KB5005463).
Error: (10/11/2022 04:17:42 PM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-10-15 08:58:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2022-10-10 18:39:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 3460.26 MB
Available physical RAM: 565.04 MB
Total Virtual: 7556.26 MB
Available Virtual: 2935.29 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:61.69 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS
\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
dobré ráno
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-16-2022
# Duration: 00:00:03
# OS: Windows 10 (Build 19043.2006)
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\zilak\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Windows\LENOVO\IMCONTROLLER
*************************
AdwCleaner[S00].txt - [1875 octets] - [16/10/2022 10:06:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-16-2022
# Duration: 00:00:03
# OS: Windows 10 (Build 19043.2006)
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\zilak\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Windows\LENOVO\IMCONTROLLER
*************************
AdwCleaner[S00].txt - [1875 octets] - [16/10/2022 10:06:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
dobré ráno
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-16-2022
# Duration: 00:00:03
# OS: Windows 10 (Build 19043.2006)
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\zilak\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Windows\LENOVO\IMCONTROLLER
*************************
AdwCleaner[S00].txt - [1875 octets] - [16/10/2022 10:06:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-16-2022
# Duration: 00:00:03
# OS: Windows 10 (Build 19043.2006)
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\zilak\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
***** Reboot Required to Complete *****
***** [ Folders ] *****
Cleaning failed C:\Windows\LENOVO\IMCONTROLLER
*************************
AdwCleaner[S00].txt - [1875 octets] - [16/10/2022 10:06:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Také dobré ráno. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-10-2022
Ran by zilak (16-10-2022 11:43:49)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-16] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
Malwarebytes -> C:\Program Files\WindowsApps\www.malwarebytes.com-8EA8DCBF_1.0.0.0_neutral__q0vncpsq06pm6 [2022-10-15] (www.malwarebytes.com)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 176.12.112.2 - 176.12.112.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{29839CEB-4246-4CA5-8C8A-3E21F57CA786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324666C6-516B-455D-B205-F7905DC00D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E7B9201-FEA2-4BE3-AEFD-D0EDC20730D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14D45C11-5FA9-408B-BDCF-26F5E304E53F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86E19C60-C3D9-4C04-A0D9-505976464DC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46C726F2-1FAF-41FA-9805-86A0FCEEA904}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0B84473-B705-4EA9-B8CA-36F1D82EF421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D9B70BE-A623-4F83-A1B3-B13770AFC7FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C3D18F9-3F9D-45A3-8A55-0A85B1A3FE84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D9BDC81-0CC1-4725-9967-FCF0D81B7C2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{032724EC-D7A8-419A-A703-301949D19247}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BE5AF09-F876-4202-B81E-8EFCB96BD06F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:68.87 GB) (58%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/16/2022 10:21:13 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:21:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3870c7ae-88c7-4f35-87cb-3c50f0738ec4
Metoda: GET(4032ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:08:27 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:08:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 228f5475-4235-47a3-a600-3f43952f6015
Metoda: GET(610ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (10/16/2022 08:52:29 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 06:52:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a37b8e93-dd41-4f69-9c03-38700084a423
Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 12:47:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 10:47:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d1be07c5-a064-49e9-bdd5-27965ebfe9b7
Metoda: GET(563ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 11:29:49 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 09:29:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7e3b3814-d8f5-4dc1-9bf8-cbcc7fbb8cf1
Metoda: GET(2765ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 10:54:24 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 08:54:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ea4fe601-7a44-4e39-a0e1-644c35cfaea3
Metoda: GET(812ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (10/16/2022 10:19:44 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:08:05 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Notebook ITS Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Fn and function keys service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-10-15 12:29:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 3460.26 MB
Available physical RAM: 586.93 MB
Total Virtual: 7428.26 MB
Available Virtual: 2938.58 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:68.87 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS
\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 11:42:46)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <26>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 176.12.112.2 176.12.112.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 176.12.112.2 176.12.112.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 11:41 - 2022-10-16 11:42 - 002373120 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-15 10:00 - 000027677 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 11:43 - 000018936 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 11:43 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 11:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 11:27 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-16 10:07 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by zilak (16-10-2022 11:43:49)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-16] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
Malwarebytes -> C:\Program Files\WindowsApps\www.malwarebytes.com-8EA8DCBF_1.0.0.0_neutral__q0vncpsq06pm6 [2022-10-15] (www.malwarebytes.com)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 176.12.112.2 - 176.12.112.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{29839CEB-4246-4CA5-8C8A-3E21F57CA786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324666C6-516B-455D-B205-F7905DC00D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E7B9201-FEA2-4BE3-AEFD-D0EDC20730D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14D45C11-5FA9-408B-BDCF-26F5E304E53F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86E19C60-C3D9-4C04-A0D9-505976464DC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46C726F2-1FAF-41FA-9805-86A0FCEEA904}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0B84473-B705-4EA9-B8CA-36F1D82EF421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D9B70BE-A623-4F83-A1B3-B13770AFC7FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C3D18F9-3F9D-45A3-8A55-0A85B1A3FE84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D9BDC81-0CC1-4725-9967-FCF0D81B7C2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{032724EC-D7A8-419A-A703-301949D19247}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BE5AF09-F876-4202-B81E-8EFCB96BD06F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:68.87 GB) (58%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/16/2022 10:21:13 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:21:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3870c7ae-88c7-4f35-87cb-3c50f0738ec4
Metoda: GET(4032ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:08:27 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:08:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 228f5475-4235-47a3-a600-3f43952f6015
Metoda: GET(610ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (10/16/2022 08:52:29 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 06:52:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a37b8e93-dd41-4f69-9c03-38700084a423
Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 12:47:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 10:47:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d1be07c5-a064-49e9-bdd5-27965ebfe9b7
Metoda: GET(563ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 11:29:49 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 09:29:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7e3b3814-d8f5-4dc1-9bf8-cbcc7fbb8cf1
Metoda: GET(2765ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 10:54:24 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 08:54:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ea4fe601-7a44-4e39-a0e1-644c35cfaea3
Metoda: GET(812ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (10/16/2022 10:19:44 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:08:05 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Notebook ITS Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Fn and function keys service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-10-15 12:29:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 3460.26 MB
Available physical RAM: 586.93 MB
Total Virtual: 7428.26 MB
Available Virtual: 2938.58 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:68.87 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS
\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 11:42:46)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <26>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 176.12.112.2 176.12.112.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 176.12.112.2 176.12.112.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 11:41 - 2022-10-16 11:42 - 002373120 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-15 10:00 - 000027677 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 11:43 - 000018936 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 11:43 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 11:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 11:27 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-16 10:07 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\zilak\Download jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by zilak (16-10-2022 16:01:05)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-16] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
Malwarebytes -> C:\Program Files\WindowsApps\www.malwarebytes.com-8EA8DCBF_1.0.0.0_neutral__q0vncpsq06pm6 [2022-10-15] (www.malwarebytes.com)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{29839CEB-4246-4CA5-8C8A-3E21F57CA786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324666C6-516B-455D-B205-F7905DC00D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E7B9201-FEA2-4BE3-AEFD-D0EDC20730D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14D45C11-5FA9-408B-BDCF-26F5E304E53F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86E19C60-C3D9-4C04-A0D9-505976464DC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46C726F2-1FAF-41FA-9805-86A0FCEEA904}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0B84473-B705-4EA9-B8CA-36F1D82EF421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D9B70BE-A623-4F83-A1B3-B13770AFC7FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C3D18F9-3F9D-45A3-8A55-0A85B1A3FE84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D9BDC81-0CC1-4725-9967-FCF0D81B7C2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{032724EC-D7A8-419A-A703-301949D19247}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BE5AF09-F876-4202-B81E-8EFCB96BD06F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:68.87 GB) (58%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/16/2022 10:21:13 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:21:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3870c7ae-88c7-4f35-87cb-3c50f0738ec4
Metoda: GET(4032ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:08:27 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:08:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 228f5475-4235-47a3-a600-3f43952f6015
Metoda: GET(610ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (10/16/2022 08:52:29 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 06:52:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a37b8e93-dd41-4f69-9c03-38700084a423
Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 12:47:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 10:47:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d1be07c5-a064-49e9-bdd5-27965ebfe9b7
Metoda: GET(563ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 11:29:49 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 09:29:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7e3b3814-d8f5-4dc1-9bf8-cbcc7fbb8cf1
Metoda: GET(2765ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 10:54:24 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 08:54:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ea4fe601-7a44-4e39-a0e1-644c35cfaea3
Metoda: GET(812ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (10/16/2022 10:19:44 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:08:05 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Notebook ITS Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Fn and function keys service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-10-15 12:29:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 84%
Total physical RAM: 3460.26 MB
Available physical RAM: 533.46 MB
Total Virtual: 7428.26 MB
Available Virtual: 3206.88 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:68.87 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS
\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 16:00:05)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11CB6A9F-0E51-4127-B383-838909A74B53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\42330d07-bb58-4b08-b157-1b1221a8e1c0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {85133988-FBA5-456F-BD41-98A84B8AB4EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f0c25dd6-5607-4fca-8aca-b109d16eb8b5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9C45987D-21E7-4093-9A7C-DC4B6BBCABE6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f5dba379-56f8-4b6c-b3ea-0abcf8f3e485 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D61BF064-3325-4AFF-A635-E7ADD6961129} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a47ec48-6682-4478-a4e9-58f0b4184116 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 15:58 - 2022-10-16 15:58 - 000000000 ____D C:\Users\zilak\Downloads\FRST-OlderVersion
2022-10-16 15:58 - 2022-10-16 15:56 - 000002561 _____ C:\Users\zilak\Downloads\fixlist.txt..txt
2022-10-16 15:52 - 2022-10-16 15:52 - 000002570 _____ C:\Users\zilak\OneDrive\Dokumenty\fixlist.txt..txt
2022-10-16 11:41 - 2022-10-16 15:58 - 002373632 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-16 11:44 - 000024672 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 16:00 - 000019392 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 16:00 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 15:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 15:46 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 15:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 13:04 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by zilak (16-10-2022 16:01:05)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-16] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
Malwarebytes -> C:\Program Files\WindowsApps\www.malwarebytes.com-8EA8DCBF_1.0.0.0_neutral__q0vncpsq06pm6 [2022-10-15] (www.malwarebytes.com)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-16] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{29839CEB-4246-4CA5-8C8A-3E21F57CA786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324666C6-516B-455D-B205-F7905DC00D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E7B9201-FEA2-4BE3-AEFD-D0EDC20730D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14D45C11-5FA9-408B-BDCF-26F5E304E53F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86E19C60-C3D9-4C04-A0D9-505976464DC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46C726F2-1FAF-41FA-9805-86A0FCEEA904}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0B84473-B705-4EA9-B8CA-36F1D82EF421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D9B70BE-A623-4F83-A1B3-B13770AFC7FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C3D18F9-3F9D-45A3-8A55-0A85B1A3FE84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D9BDC81-0CC1-4725-9967-FCF0D81B7C2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{032724EC-D7A8-419A-A703-301949D19247}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BE5AF09-F876-4202-B81E-8EFCB96BD06F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:68.87 GB) (58%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/16/2022 10:21:13 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:21:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3870c7ae-88c7-4f35-87cb-3c50f0738ec4
Metoda: GET(4032ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:08:27 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:08:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 228f5475-4235-47a3-a600-3f43952f6015
Metoda: GET(610ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (10/16/2022 08:52:29 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 06:52:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a37b8e93-dd41-4f69-9c03-38700084a423
Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 12:47:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 10:47:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d1be07c5-a064-49e9-bdd5-27965ebfe9b7
Metoda: GET(563ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 11:29:49 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 09:29:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7e3b3814-d8f5-4dc1-9bf8-cbcc7fbb8cf1
Metoda: GET(2765ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (10/15/2022 10:54:24 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 08:54:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ea4fe601-7a44-4e39-a0e1-644c35cfaea3
Metoda: GET(812ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (10/16/2022 10:19:44 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:08:05 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Notebook ITS Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Fn and function keys service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-10-15 12:29:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 84%
Total physical RAM: 3460.26 MB
Available physical RAM: 533.46 MB
Total Virtual: 7428.26 MB
Available Virtual: 3206.88 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:68.87 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS
\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 16:00:05)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11CB6A9F-0E51-4127-B383-838909A74B53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\42330d07-bb58-4b08-b157-1b1221a8e1c0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {85133988-FBA5-456F-BD41-98A84B8AB4EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f0c25dd6-5607-4fca-8aca-b109d16eb8b5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9C45987D-21E7-4093-9A7C-DC4B6BBCABE6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f5dba379-56f8-4b6c-b3ea-0abcf8f3e485 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D61BF064-3325-4AFF-A635-E7ADD6961129} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a47ec48-6682-4478-a4e9-58f0b4184116 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 15:58 - 2022-10-16 15:58 - 000000000 ____D C:\Users\zilak\Downloads\FRST-OlderVersion
2022-10-16 15:58 - 2022-10-16 15:56 - 000002561 _____ C:\Users\zilak\Downloads\fixlist.txt..txt
2022-10-16 15:52 - 2022-10-16 15:52 - 000002570 _____ C:\Users\zilak\OneDrive\Dokumenty\fixlist.txt..txt
2022-10-16 11:41 - 2022-10-16 15:58 - 002373632 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-16 11:44 - 000024672 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 16:00 - 000019392 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 16:00 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 15:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 15:46 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 15:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 13:04 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Potřebuji vidět obsah souboru fixlog.txt máte ho v C:\Users\zilak\Downloads. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
díky za trpělivost..
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath
EmptyTemp:
End
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath
EmptyTemp:
End
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Toto je fixlist. Fixlog vypadá asi takto: https://forum.viry.cz/viewtopic.php?p=1548316#p1548316 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
tek snad:)Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 19:07:12)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11CB6A9F-0E51-4127-B383-838909A74B53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\42330d07-bb58-4b08-b157-1b1221a8e1c0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {85133988-FBA5-456F-BD41-98A84B8AB4EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f0c25dd6-5607-4fca-8aca-b109d16eb8b5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9C45987D-21E7-4093-9A7C-DC4B6BBCABE6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f5dba379-56f8-4b6c-b3ea-0abcf8f3e485 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D61BF064-3325-4AFF-A635-E7ADD6961129} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a47ec48-6682-4478-a4e9-58f0b4184116 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 15:58 - 2022-10-16 15:58 - 000000000 ____D C:\Users\zilak\Downloads\FRST-OlderVersion
2022-10-16 15:58 - 2022-10-16 15:56 - 000002561 _____ C:\Users\zilak\Downloads\fixlist.txt..txt
2022-10-16 15:52 - 2022-10-16 15:52 - 000002570 _____ C:\Users\zilak\OneDrive\Dokumenty\fixlist.txt..txt
2022-10-16 11:41 - 2022-10-16 15:58 - 002373632 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-16 17:38 - 000024656 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 19:07 - 000019487 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 19:07 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 18:50 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 18:50 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 17:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 13:04 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 19:07:12)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11CB6A9F-0E51-4127-B383-838909A74B53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\42330d07-bb58-4b08-b157-1b1221a8e1c0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {85133988-FBA5-456F-BD41-98A84B8AB4EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f0c25dd6-5607-4fca-8aca-b109d16eb8b5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9C45987D-21E7-4093-9A7C-DC4B6BBCABE6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f5dba379-56f8-4b6c-b3ea-0abcf8f3e485 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D61BF064-3325-4AFF-A635-E7ADD6961129} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a47ec48-6682-4478-a4e9-58f0b4184116 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 15:58 - 2022-10-16 15:58 - 000000000 ____D C:\Users\zilak\Downloads\FRST-OlderVersion
2022-10-16 15:58 - 2022-10-16 15:56 - 000002561 _____ C:\Users\zilak\Downloads\fixlist.txt..txt
2022-10-16 15:52 - 2022-10-16 15:52 - 000002570 _____ C:\Users\zilak\OneDrive\Dokumenty\fixlist.txt..txt
2022-10-16 11:41 - 2022-10-16 15:58 - 002373632 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-16 17:38 - 000024656 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 19:07 - 000019487 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 19:07 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 18:50 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-10-16 18:50 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 17:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 13:04 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Ani teď ne. Soubor se jmenuje fixlog.txt a měl byste ho mít v C:\Users\zilak\Downloads. Dal jste sem log FRST.Rudy píše: ↑16 říj 2022 17:03 Toto je fixlist. Fixlog vypadá asi takto: https://forum.viry.cz/viewtopic.php?p=1548316#p1548316 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
tak snad:)
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath
EmptyTemp:
End
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath
EmptyTemp:
End
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu..při zapnutí dostávám upozornění,že jsem sledován,a plno upozornění na viry..děkuji
Tak si myslím, že si ze mne děláte legraci. Je to stejné, jako fixlist zde: https://forum.viry.cz/viewtopic.php?p=1548403#p1548403 (to je to, co jsem vám napsal). Já potřebuji vidět fixlog. Je ve stejném adresáři, jako tyto soubory, z n ichž loy sem neustále dáváte (ty jsou mi teď celkem na nic), je ne se trefit do toho správného. Ten se jmenuje fixlog.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?