
Please check my log. On startup I get a warning that I am being tracked, and a lot of virus warnings. Thank you.

Posted: 15 Oct 2022 09:20
by ebola
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (15-10-2022 09:58:49)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\AVGBrowserCrashHandler64.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoCompanionAppAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.111.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [249088 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852200 2022-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{48F69C39-1356-4A7B-A899-70E3539D4982}] -> C:\Program Files (x86)\AVG\Browser\Application\105.0.18469.128\Installer\chrmstp.exe [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {2090FC70-863A-48DE-BC74-6178EFB966D8} - System32\Tasks\AVGUpdateTaskMachineCore => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {29F408BF-DDF6-4E59-84DD-81FAB1FC8B5F} - System32\Tasks\AVG Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2977528 2022-09-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {3F56CAF0-8BE1-48DE-920A-A6C1D99D3EF8} - System32\Tasks\AVGUpdateTaskMachineUA => C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {56A6EA05-EC93-41B9-A0BC-D23CFFEB5F98} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6E6C8F24-C53F-45B6-95CA-F9B5E1EC1F2F} - System32\Tasks\AVG Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe [2977528 2022-09-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C29E184A-BF3D-456D-88D8-8C2BC60A9CC3} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4983040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D48BBE43-9EA1-40DE-B8E5-C2716444986A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\93770316-ef07-4d9c-a4ed-91a508bcb01c => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-15]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\npAvgBrowserUpdate3.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:\Program Files (x86)\AVG\Browser\Update\1.8.1207.2\npAvgBrowserUpdate3.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)

Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avg; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [628992 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [628480 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8549936 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [198040 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:\Program Files (x86)\AVG\Browser\Application\105.0.18469.128\elevation_service.exe [1997112 2022-09-14] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [42424 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [238280 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [390152 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [258576 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [106512 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\Windows\System32\drivers\avgElam.sys [25064 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [48640 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [276640 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\Windows\System32\drivers\avgNetHub.sys [558688 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [114624 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [90144 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [863088 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [671864 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [222104 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [328064 2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49576 2022-09-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [453904 2022-09-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-11] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-15 09:14 - 2022-10-15 09:37 - 000027674 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-15 09:59 - 000025979 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-15 09:59 - 000000000 ____D C:\FRST
2022-10-15 09:11 - 2022-10-15 09:12 - 002373120 _____ (Farbar) C:\Users\zilak\Downloads\FRST64 (1).exe
2022-10-15 09:11 - 2022-10-15 09:11 - 002373120 _____ (Farbar) C:\Users\zilak\Downloads\Nepotvrzeno 482938.crdownload
2022-10-15 08:59 - 2022-10-15 08:59 - 000025064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgElam.sys
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:38 - 2022-10-10 18:38 - 000003826 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Hourly)
2022-10-10 18:38 - 2022-10-10 18:38 - 000003242 _____ C:\Windows\system32\Tasks\AVG Secure Browser Heartbeat Task (Logon)
2022-10-10 18:38 - 2022-10-10 18:38 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Secure Browser.lnk
2022-10-10 18:37 - 2022-10-10 18:38 - 000000000 ____D C:\Users\zilak\AppData\Local\AVG
2022-10-10 18:37 - 2022-10-10 18:37 - 000003468 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineUA
2022-10-10 18:37 - 2022-10-10 18:37 - 000003344 _____ C:\Windows\system32\Tasks\AVGUpdateTaskMachineCore
2022-10-10 18:37 - 2022-10-10 18:37 - 000000000 ____D C:\Program Files (x86)\AVG
2022-10-10 18:36 - 2022-10-10 18:36 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2022-10-10 18:36 - 2022-10-10 18:36 - 000000000 ____D C:\Users\zilak\AppData\Roaming\AVG
2022-10-10 18:35 - 2022-10-15 08:57 - 000004266 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2022-10-10 18:35 - 2022-10-10 18:35 - 000863088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000671864 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000558688 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetHub.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000390152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000328064 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000276640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000270592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2022-10-10 18:35 - 2022-10-10 18:35 - 000258576 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000238280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000222104 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000114624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000106512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000090144 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000048640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000042424 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2022-10-10 18:35 - 2022-10-10 18:35 - 000000000 ____D C:\Windows\system32\Tasks\AVG
2022-10-10 18:35 - 2022-10-10 18:35 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-10-10 18:34 - 2022-10-10 19:22 - 000000000 ____D C:\ProgramData\AVG
2022-10-10 18:34 - 2022-10-10 18:34 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\zilak\Downloads\avg_antivirus_free_setup.exe
2022-10-10 18:34 - 2022-10-10 18:34 - 000000000 ____D C:\Program Files\AVG
2022-10-08 11:25 - 2022-10-15 09:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-08 11:21 - 2022-10-08 11:21 - 000268512 _____ (AVAST Software) C:\Users\zilak\Downloads\avast_free_antivirus_setup_online.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-15 09:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-15 09:34 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-15 09:15 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 09:06 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-15 09:06 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-15 09:06 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-15 09:06 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-15 09:04 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-15 08:58 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-15 08:55 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 08:54 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-15 08:54 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-15 08:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-10 19:22 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-10 18:35 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-08 23:12 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2022
Ran by zilak (15-10-2022 09:59:47)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 22.9.3254 - AVG Technologies)
AVG Secure Browser (HKLM-x32\...\AVG Secure Browser) (Version: 105.0.18469.128 - AVG Technologies)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4 [2022-06-25] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0 [2022-09-30] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-10-10] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2C7F9A97-C27A-42E4-8D69-3DAF867BC4A1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{86EC4033-40F7-4195-9272-1FA7DB5A616F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3662071-8A25-4D3F-B649-2AB5C13AB0E3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6ADFDDB4-5491-42DA-9053-0B92699C9974}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3016C36-FA1D-4637-8EB9-BE852DD13D95}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.88.3401.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0A90432-3BC7-4774-A517-27F2DD04334E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B72A7259-7A62-45E1-ABAC-12AF1B75064F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B362BEF-688F-44A9-A691-3D334D2CD3B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FAFA3872-CAC9-413E-B8FB-9A8755EB64B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{59801C7E-D9C9-429D-BD69-F6ACC3A2AC63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{909363D5-181A-4731-80ED-007E73011C0E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{73BCFE01-4D44-484C-A8FC-99B4246AD555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3BA00785-41A4-49DE-A180-E29BF0131D42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B40F501A-434F-432E-A1BE-BACB8B3E45A9}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{46539B8D-A727-4ABE-9A6B-74F5C9DAF73B}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{77707101-E7C5-4B56-A505-A5A71CFDB4E3}] => (Allow) C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)
FirewallRules: [{10DB858A-D2BE-428D-9EA9-68325B3C0456}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AD1CA9FF-1E90-4E7F-A183-1F5B0C24980F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:61.69 GB) (52%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/15/2022 08:54:22 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(94ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (10/11/2022 04:18:43 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 11 Oct 2022 14:18:42 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 87ad1c19-2b11-4c42-8a2d-46a46864bf15

Metoda: GET(4391ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/10/2022 07:38:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1138

Čas spuštění: 01d8dccefacd4529

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

ID hlášení: 2e6c72f2-3e81-4cd3-aa2c-1cc3e064d1af

Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (10/10/2022 07:35:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program StartMenuExperienceHost.exe verze 0.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1928

Čas spuštění: 01d8dcccece29b25

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

ID hlášení: 75669450-d3f2-4f4f-a7b8-e765bc127a76

Úplný název balíčku s chybou: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (10/10/2022 07:28:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1949 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1ca4

Čas spuštění: 01d8dcccede4023a

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: cf7a4477-669d-4226-a4af-7cb464fa9092

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: CortanaUI

Typ zablokování: Quiesce

Error: (10/10/2022 07:22:35 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 10 Oct 2022 17:22:35 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3b9e22ed-de95-4482-a80b-ef10c8715ed3

Metoda: GET(453ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/10/2022 06:44:26 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 10 Oct 2022 16:44:25 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 409af5a3-ad36-4043-9768-41f8d2257629

Metoda: GET(328ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/08/2022 11:13:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 08 Oct 2022 21:13:39 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a03f605e-8904-4928-8c4b-ede3eb6d871b

Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (10/15/2022 08:56:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H1 pro systémy typu x64 (KB5005463).

Error: (10/15/2022 08:54:00 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)

Error: (10/15/2022 08:54:04 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:48:23, ‎12.‎10.‎2022) bylo neočekávané.

Error: (10/11/2022 05:46:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-31VCA373)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/11/2022 05:46:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-31VCA373)
Description: Server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/11/2022 05:46:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-31VCA373)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.1 se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/11/2022 04:27:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H1 pro systémy typu x64 (KB5005463).

Error: (10/11/2022 04:17:42 PM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)


Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-10-15 08:58:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-10 18:39:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 3460.26 MB
Available physical RAM: 565.04 MB
Total Virtual: 7556.26 MB
Available Virtual: 2935.29 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:61.69 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS

\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)

Partition: GPT.

==================== End of Addition.txt =======================

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 15 Oct 2022 10:40
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce); on Win XP just start it with a normal double-click
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 09:11
by ebola
Good morning

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-16-2022
# Duration: 00:00:03
# OS: Windows 10 (Build 19043.2006)
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\zilak\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Windows\LENOVO\IMCONTROLLER

*************************

AdwCleaner[S00].txt - [1875 octets] - [16/10/2022 10:06:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 09:12
by ebola
Good morning

Re: Please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 10:30
by Rudy
Good morning to you too. Post new FRST+Addition logs.

Re: Please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 10:50
by ebola
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-10-2022
Ran by zilak (16-10-2022 11:43:49)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-16] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
Malwarebytes -> C:\Program Files\WindowsApps\www.malwarebytes.com-8EA8DCBF_1.0.0.0_neutral__q0vncpsq06pm6 [2022-10-15] (www.malwarebytes.com)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-16] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 176.12.112.2 - 176.12.112.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{29839CEB-4246-4CA5-8C8A-3E21F57CA786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324666C6-516B-455D-B205-F7905DC00D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E7B9201-FEA2-4BE3-AEFD-D0EDC20730D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14D45C11-5FA9-408B-BDCF-26F5E304E53F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86E19C60-C3D9-4C04-A0D9-505976464DC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46C726F2-1FAF-41FA-9805-86A0FCEEA904}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0B84473-B705-4EA9-B8CA-36F1D82EF421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D9B70BE-A623-4F83-A1B3-B13770AFC7FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C3D18F9-3F9D-45A3-8A55-0A85B1A3FE84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D9BDC81-0CC1-4725-9967-FCF0D81B7C2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{032724EC-D7A8-419A-A703-301949D19247}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BE5AF09-F876-4202-B81E-8EFCB96BD06F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:68.87 GB) (58%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/16/2022 10:21:13 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:21:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3870c7ae-88c7-4f35-87cb-3c50f0738ec4

Metoda: GET(4032ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/16/2022 10:08:27 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:08:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 228f5475-4235-47a3-a600-3f43952f6015

Metoda: GET(610ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/16/2022 08:52:29 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 06:52:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a37b8e93-dd41-4f69-9c03-38700084a423

Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/15/2022 12:47:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 10:47:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d1be07c5-a064-49e9-bdd5-27965ebfe9b7

Metoda: GET(563ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/15/2022 11:29:49 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 09:29:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7e3b3814-d8f5-4dc1-9bf8-cbcc7fbb8cf1

Metoda: GET(2765ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/15/2022 10:54:24 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 08:54:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ea4fe601-7a44-4e39-a0e1-644c35cfaea3

Metoda: GET(812ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (10/16/2022 10:19:44 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)

Error: (10/16/2022 10:08:05 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Notebook ITS Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Fn and function keys service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-10-15 12:29:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 3460.26 MB
Available physical RAM: 586.93 MB
Total Virtual: 7428.26 MB
Available Virtual: 2938.58 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:68.87 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS

\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 11:42:46)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <26>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 176.12.112.2 176.12.112.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 176.12.112.2 176.12.112.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-16 11:41 - 2022-10-16 11:42 - 002373120 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-15 10:00 - 000027677 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 11:43 - 000018936 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 11:43 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 11:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-16 11:27 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-16 10:07 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 14:18
by Rudy
Open Notepad and copy the following into it:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath

EmptyTemp:
End
Save it to C:\Users\zilak\Download as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 15:19
by ebola
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2022
Ran by zilak (16-10-2022 16:01:05)
Running from C:\Users\zilak\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2021-01-26 09:59:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2541232812-3930879844-776344880-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2541232812-3930879844-776344880-503 - Limited - Disabled)
Guest (S-1-5-21-2541232812-3930879844-776344880-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2541232812-3930879844-776344880-504 - Limited - Disabled)
zilak (S-1-5-21-2541232812-3930879844-776344880-1001 - Administrator - Enabled) => C:\Users\zilak

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1207.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 106.0.5249.119 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.15.215 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.15.215 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15629.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.42 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\OneDriveSetup.exe) (Version: 22.196.0918.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2021-06-15] (Advanced Micro Devices Inc.) [Startup Task]
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-11-22] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20900.902.0_x64__rz1tebttyb220 [2021-02-26] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-02-17] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-16] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-17] (LENOVO INC.)
Malwarebytes -> C:\Program Files\WindowsApps\www.malwarebytes.com-8EA8DCBF_1.0.0.0_neutral__q0vncpsq06pm6 [2022-10-15] (www.malwarebytes.com)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-12-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-07-30] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-02-26] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-06] (Microsoft Corporation)
Seznam – najdu tam, co neznám -> C:\Program Files\WindowsApps\www.seznam.cz-4D274219_1.0.0.0_neutral__65eq04vpgwpz0 [2021-12-23] (www.seznam.cz)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-16] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-22 08:23 - 2020-11-22 08:23 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2021-11-13 15:06 - 2021-11-13 15:06 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-09-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2541232812-3930879844-776344880-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{29839CEB-4246-4CA5-8C8A-3E21F57CA786}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{324666C6-516B-455D-B205-F7905DC00D1E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E7B9201-FEA2-4BE3-AEFD-D0EDC20730D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{14D45C11-5FA9-408B-BDCF-26F5E304E53F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86E19C60-C3D9-4C04-A0D9-505976464DC0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{46C726F2-1FAF-41FA-9805-86A0FCEEA904}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0B84473-B705-4EA9-B8CA-36F1D82EF421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7D9B70BE-A623-4F83-A1B3-B13770AFC7FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3C3D18F9-3F9D-45A3-8A55-0A85B1A3FE84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D9BDC81-0CC1-4725-9967-FCF0D81B7C2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{032724EC-D7A8-419A-A703-301949D19247}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1BE5AF09-F876-4202-B81E-8EFCB96BD06F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:68.87 GB) (58%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/16/2022 10:21:13 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:21:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3870c7ae-88c7-4f35-87cb-3c50f0738ec4

Metoda: GET(4032ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/16/2022 10:08:27 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 08:08:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 228f5475-4235-47a3-a600-3f43952f6015

Metoda: GET(610ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/16/2022 10:07:46 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/16/2022 08:52:29 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 16 Oct 2022 06:52:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: a37b8e93-dd41-4f69-9c03-38700084a423

Metoda: GET(625ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/15/2022 12:47:13 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 10:47:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d1be07c5-a064-49e9-bdd5-27965ebfe9b7

Metoda: GET(563ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/15/2022 11:29:49 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 09:29:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 7e3b3814-d8f5-4dc1-9bf8-cbcc7fbb8cf1

Metoda: GET(2765ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (10/15/2022 10:54:24 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-31VCA373$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 15 Oct 2022 08:54:24 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ea4fe601-7a44-4e39-a0e1-644c35cfaea3

Metoda: GET(812ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (10/16/2022 10:19:44 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)

Error: (10/16/2022 10:08:05 AM) (Source: IntcAzAudAddService) (EventID: 258) (User: )
Description: HAP AcpInitializeAudioEngineEx fail with status (0xC0000001)

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Notebook ITS Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Fn and function keys service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/16/2022 10:07:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2022-10-07 19:27:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5D948538-EC65-485B-BEEF-6817E2E5FC19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-05 19:16:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66928FC2-8E98-4CCE-A7D5-E94DC9C05457}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-03 09:55:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69F4EF92-16E8-49BA-9899-3FCADA9DD0E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-02 08:49:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1C49596B-3D4A-48F3-93E4-64AE0F8A7B60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-10-01 08:39:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {94F9D47C-4AD1-484E-90BE-7FA1A69F3DDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-10-15 12:29:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-10 18:59:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2022-10-10 18:51:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO E8CN34WW 04/28/2022
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 84%
Total physical RAM: 3460.26 MB
Available physical RAM: 533.46 MB
Total Virtual: 7428.26 MB
Available Virtual: 3206.88 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:68.87 GB) (Model: SAMSUNG MZALQ128HBHQ-000L2) NTFS

\\?\Volume{64f741cd-f384-469e-b344-dc9b60607a4b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{332dae64-797c-40ce-9ee2-e0b977af240e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AF8A14A0)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 16:00:05)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11CB6A9F-0E51-4127-B383-838909A74B53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\42330d07-bb58-4b08-b157-1b1221a8e1c0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {85133988-FBA5-456F-BD41-98A84B8AB4EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f0c25dd6-5607-4fca-8aca-b109d16eb8b5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9C45987D-21E7-4093-9A7C-DC4B6BBCABE6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f5dba379-56f8-4b6c-b3ea-0abcf8f3e485 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D61BF064-3325-4AFF-A635-E7ADD6961129} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a47ec48-6682-4478-a4e9-58f0b4184116 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-16 15:58 - 2022-10-16 15:58 - 000000000 ____D C:\Users\zilak\Downloads\FRST-OlderVersion
2022-10-16 15:58 - 2022-10-16 15:56 - 000002561 _____ C:\Users\zilak\Downloads\fixlist.txt..txt
2022-10-16 15:52 - 2022-10-16 15:52 - 000002570 _____ C:\Users\zilak\OneDrive\Dokumenty\fixlist.txt..txt
2022-10-16 11:41 - 2022-10-16 15:58 - 002373632 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-16 11:44 - 000024672 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 16:00 - 000019392 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 16:00 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 15:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-16 15:46 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 15:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 13:04 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 15:55
by Rudy
I need to see the contents of the file fixlog.txt; you have it in C:\Users\zilak\Downloads. Thank you.

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 16:42
by ebola
thanks for your patience..
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath

EmptyTemp:
End

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 17:03
by Rudy
This is the fixlist. A fixlog looks roughly like this: https://forum.viry.cz/viewtopic.php?p=1548316#p1548316 .

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 18:14
by ebola
so hopefully this :)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2022
Ran by zilak (administrator) on LAPTOP-31VCA373 (LENOVO 81W1) (16-10-2022 19:07:12)
Running from C:\Users\zilak\Downloads
Loaded Profiles: zilak
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~3.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe <2>
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\zilak\AppData\Local\Microsoft\OneDrive\22.196.0918.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.117.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe [1230392 2021-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\Run: [MicrosoftEdgeAutoLaunch_5C29ACD1CF47408EB69928093C282FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3852232 2022-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe [2022-10-15] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11CB6A9F-0E51-4127-B383-838909A74B53} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\42330d07-bb58-4b08-b157-1b1221a8e1c0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13FB5D00-7CFE-4693-9B05-61A65A284C4E} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {42A81610-A0AE-48D1-9BC4-D27400E3CFA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4506953E-6912-48C4-94D1-037B9E35CEE8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {50627CFB-A8C2-4136-9877-7C1563008F93} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143232 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6849C147-FB3F-4248-B4FF-09A15B89D7D3} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {7B9CFAE2-6387-455A-A683-8952825969D7} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [65448 2022-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {85133988-FBA5-456F-BD41-98A84B8AB4EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f0c25dd6-5607-4fca-8aca-b109d16eb8b5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {862E6AEF-64F5-42A3-A702-2A9998487A1B} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {870A7B8A-6CF4-496B-9285-19D1ACD68EF5} - System32\Tasks\Mirkat => C:\Users\zilak\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-07-30] () [simlink -> ]
Task: {96C0BDE6-C4D4-4EA3-94EA-3307C5979BFB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {9C45987D-21E7-4093-9A7C-DC4B6BBCABE6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f5dba379-56f8-4b6c-b3ea-0abcf8f3e485 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AA284E1A-32DA-466C-8CDC-DB321DDD81E4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {C4600A63-1F41-4F96-A415-162BF852BCBA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165176 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5931BE6-20C6-4D89-974E-3BFF2EF0304C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D61BF064-3325-4AFF-A635-E7ADD6961129} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3a47ec48-6682-4478-a4e9-58f0b4184116 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {E6470305-456D-431B-BFAE-68C76E129F23} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {E86A3DAA-2B9D-4CC7-B369-90561F6DB4B7} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F571E858-3936-41C4-88A8-E8A1AD1B5E4D} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f63f8f6d-c311-4baf-b956-2a1daa4149f7}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-16]
Edge Notifications: Default -> hxxps://alvadi.cz; hxxps://czcams.com; hxxps://freecaptcha.top; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.identitysoftwarecentr.com; hxxps://www.tomtom.com
Edge DefaultSearchURL: Default -> hxxps://www.kb.cz/gfx/favicon/android-chrome-192x192.png
Edge Extension: (Seznam – najdu tam, co neznám) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkncgicdohgfdncecojfiapgebmlnaoc [2021-05-10]
Edge Extension: (MojeBanka | Internetové bankovnictví | Komerční banka) - C:\Users\zilak\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjkmihfempddganojkhlmpemkpginjmi [2021-04-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\zilak\AppData\Local\Google\Chrome\User Data\Default [2022-10-08]
CHR StartupUrls: Default -> "hxxps://www.google.com/"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477344 2022-10-15] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe [2301912 2021-01-05] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [334728 2020-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_eea2c15eb4860b4b\LenovoUtilityService.exe [241904 2022-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LNBITSSvc.exe [1817944 2020-09-11] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8838880 2022-10-15] (Malwarebytes Inc. -> Malwarebytes)
S3 mcafeeintegrationservice; C:\Windows\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\NisSrv.exe [3170576 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe [133584 2022-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-10-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-10-16] (Malwarebytes Inc. -> Malwarebytes)
R3 McAfeeIntegrationDriver; C:\Windows\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [37288 2021-09-02] (Phoenix Technologies Ltd. -> )
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-11-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2022-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [455968 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-10-15] (Microsoft Windows -> Microsoft Corporation)
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-16 15:58 - 2022-10-16 15:58 - 000000000 ____D C:\Users\zilak\Downloads\FRST-OlderVersion
2022-10-16 15:58 - 2022-10-16 15:56 - 000002561 _____ C:\Users\zilak\Downloads\fixlist.txt..txt
2022-10-16 15:52 - 2022-10-16 15:52 - 000002570 _____ C:\Users\zilak\OneDrive\Dokumenty\fixlist.txt..txt
2022-10-16 11:41 - 2022-10-16 15:58 - 002373632 _____ (Farbar) C:\Users\zilak\Downloads\FRST64.exe
2022-10-16 10:20 - 2022-10-16 10:20 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-10-16 10:19 - 2022-10-16 10:19 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-10-16 10:05 - 2022-10-16 10:05 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(2).exe
2022-10-16 10:04 - 2022-10-16 10:07 - 000000000 ____D C:\AdwCleaner
2022-10-16 10:04 - 2022-10-16 10:04 - 008791352 _____ (Malwarebytes) C:\Users\zilak\Downloads\adwcleaner(1).exe
2022-10-16 10:02 - 2022-10-16 10:02 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner (1).exe
2022-10-16 10:01 - 2022-10-16 10:01 - 008551608 _____ (Malwarebytes) C:\Users\zilak\Downloads\AdwCleaner.exe
2022-10-16 09:53 - 2022-10-16 09:53 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335 (1).exe
2022-10-15 13:51 - 2022-10-15 13:51 - 000000000 ____D C:\Users\zilak\AppData\Local\mbam
2022-10-15 13:38 - 2022-10-16 09:55 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-10-15 13:38 - 2022-10-15 13:38 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-10-15 13:38 - 2022-10-15 13:38 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-10-15 13:37 - 2022-10-16 09:53 - 000000000 ____D C:\Program Files\Malwarebytes
2022-10-15 13:37 - 2022-10-15 13:37 - 002632256 _____ (Malwarebytes) C:\Users\zilak\Downloads\MBSetup-68DE04C3-37335.37335.exe
2022-10-15 09:14 - 2022-10-16 17:38 - 000024656 _____ C:\Users\zilak\Downloads\Addition.txt
2022-10-15 09:13 - 2022-10-16 19:07 - 000019487 _____ C:\Users\zilak\Downloads\FRST.txt
2022-10-15 09:13 - 2022-10-16 19:07 - 000000000 ____D C:\FRST
2022-10-12 18:51 - 2022-10-12 18:51 - 000000000 ___HD C:\$WinREAgent
2022-10-10 18:34 - 2022-10-16 10:58 - 000000000 ____D C:\ProgramData\AVG
2022-10-08 11:25 - 2022-10-16 18:50 - 000000000 ____D C:\Program Files (x86)\Google
2022-10-08 11:25 - 2022-10-15 09:10 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-10-08 11:25 - 2022-10-08 11:30 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-08 11:25 - 2022-10-08 11:30 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-08 11:25 - 2022-10-08 11:25 - 000000000 ____D C:\Users\zilak\AppData\Local\Google
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Windows\system32\gf2engine
2022-10-08 11:24 - 2022-10-08 11:24 - 000000000 ____D C:\Users\zilak\AppData\Local\CEF
2022-10-08 11:22 - 2022-10-10 18:44 - 000000000 ____D C:\ProgramData\Avast Software

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-10-16 18:50 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-10-16 17:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-10-16 13:04 - 2020-11-22 08:29 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-10-16 10:57 - 2021-01-26 12:18 - 000000000 ____D C:\Users\zilak\AppData\Local\D3DSCache
2022-10-16 10:23 - 2020-11-22 08:08 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-10-16 10:23 - 2020-11-22 08:08 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-10-16 10:23 - 2020-05-06 20:41 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-10-16 10:23 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-10-16 10:20 - 2021-01-26 12:19 - 000000000 ___RD C:\Users\zilak\OneDrive
2022-10-16 10:19 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-16 10:19 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-16 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-16 10:19 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-16 10:14 - 2021-01-26 12:20 - 000000000 ____D C:\Users\zilak\AppData\Local\Lenovo
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-10-16 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-10-16 10:09 - 2020-11-22 08:28 - 000000000 ____D C:\ProgramData\Lenovo
2022-10-16 10:07 - 2021-01-26 12:13 - 000000000 ____D C:\Users\zilak
2022-10-15 13:38 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-10-15 12:57 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-10-15 12:40 - 2021-01-26 12:17 - 000000000 ____D C:\Users\zilak\AppData\Local\Packages
2022-10-15 09:12 - 2020-11-22 08:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-15 09:12 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-15 09:11 - 2021-01-31 17:37 - 000000000 ____D C:\Windows\system32\MRT
2022-10-15 09:08 - 2020-11-22 08:29 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-15 08:56 - 2021-01-31 17:37 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-12 18:48 - 2020-11-22 08:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-12 18:48 - 2020-11-22 08:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-08 23:08 - 2021-12-12 10:22 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:19 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2541232812-3930879844-776344880-1001
2022-10-08 23:08 - 2021-01-26 12:13 - 000002388 _____ C:\Users\zilak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 18:52
by Rudy
Rudy wrote: 16 Oct 2022 17:03 This is the fixlist. A fixlog looks roughly like this: https://forum.viry.cz/viewtopic.php?p=1548316#p1548316 .
Not this time either. The file is named fixlog.txt and you should have it in C:\Users\zilak\Downloads. You posted the FRST log here.

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 19:25
by ebola
hopefully this is it :)

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {4d648741-25a2-11ec-8388-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {96720b8e-e799-11eb-8381-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {d86e685e-b33e-11eb-8370-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2541232812-3930879844-776344880-1001\...\MountPoints2: {f921dc97-7339-11eb-8364-1cbfc0eecf20} - "D:\HiSuiteDownLoader.exe"
Task: {0A83D5AB-5539-463B-BD7D-04AD5E61B7B5} - \Lenovo\ImController\TimeBasedEvents\712d7f69-ab75-46d8-bb0b-2393e13bc52e -> No File <==== ATTENTION
Task: {0CA766B3-3C19-49F6-8BC9-315941CCA157} - \Lenovo\ImController\TimeBasedEvents\83e6f802-5d7b-47fe-884a-5428d3a37892 -> No File <==== ATTENTION
Task: {18FF167A-1AE0-40A5-AC38-DA31214BEC38} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADupdater.exe (No File)
Task: {76EC2679-AC1C-4749-965C-604B63CDCC11} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {8370DD9B-4819-4615-9B33-67416D2ABA81} - \Lenovo\ImController\TimeBasedEvents\fd770beb-ded3-4d6d-b54e-9e3f839be78c -> No File <==== ATTENTION
Task: {A297D678-7F05-48CF-A163-FE415B8BFD07} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A5880341-2EDD-4E86-B306-334C1D407A39} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AAFE40D4-2E54-464A-9CE5-5480036B5EC9} - \Lenovo\ImController\TimeBasedEvents\ff76e360-df56-4815-91ee-bde603205f2e -> No File <==== ATTENTION
Task: {C404ACC3-0CDA-465D-86D2-463C4E7660D6} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D96E16FD-F9B4-4191-BC2E-A616D6888A1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
Task: {DBDC1CA1-55A7-4DCE-A19A-2AEB07438A6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2022-10-08] (Google Inc -> Google LLC)
U1 avgbdisk; no ImagePath

EmptyTemp:
End

Re: please check.. on startup I get a warning that I am being tracked, and lots of virus warnings.. thank you

Posted: 16 Oct 2022 20:04
by Rudy
Now I think you are making fun of me. This is the same as the fixlist here: https://forum.viry.cz/viewtopic.php?p=1548403#p1548403 (that is what I wrote for you). I need to see the fixlog. It is in the same directory as these files whose logs you keep posting here (those are of little use to me right now); you just have to pick the right one. It is named fixlog.txt.