VIRY.CZ

Prosím o kontrolu, webhosting mi zablokoval i domenu a nejdou mi posilat emaikly, kvuli napadeni PC malwarem. Dekuju

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2022 01
Ran by pavel (administrator) on LAPTOP-PM9MEU92 (LENOVO 82C5) (11-11-2022 18:19:31)
Running from C:\Users\pavel\Downloads
Loaded Profiles: pavel
Platform: Microsoft Windows 11 Pro Version 22H2 22621.674 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(BatteryWidgetAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(IdeaNotebookAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SettingsWidgetAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe <12>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEMN.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenu.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartPrivacyAddin).exe
(LNBITSSvc.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\AutoModeDetect.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4b31d9b38e2bb506\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxextN.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.765.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1085224 2020-06-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2020-09-26] (Open-Shell) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3697029457-159368102-1774820147-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408888 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3697029457-159368102-1774820147-1001\...\Run: [MicrosoftEdgeAutoLaunch_69421C100E73D208F867737CDCAEF29D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {052FFDED-3C44-46A1-A561-E619A6928AFE} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {06AFD173-1332-42F6-B0E0-AB58CB6C3CDF} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
Task: {08A3952F-947F-4740-9BA5-A203AC9C13F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {08BD09F4-BBD5-4759-9418-2A6680D41823} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [49152 2022-05-07] (Microsoft Windows -> )
Task: {09C15BC4-56C9-4370-AF35-5F39C11F5211} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {11394320-882E-493D-A915-47CDA2DB529B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4552120 2020-01-07] (McAfee, LLC -> McAfee, LLC.)
Task: {3661BC84-5B6D-471B-9448-B0F7377EC529} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {39DD96D1-59B6-4F39-8623-C3245452476F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afac36bd-a17a-48c6-a660-f6e9779814a8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {45D6AF81-9670-42EA-9061-6FD8C76BE489} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {469E30BF-35AD-48ED-8FFD-B627139C0C82} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {5566E733-22D3-43AE-B03B-95A9D6D99ECD} - System32\Tasks\Lenovo\LenovoWelcomeLauncher => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcome.exe [1000856 2022-04-22] (Lenovo -> Lenovo Group Ltd.)
Task: {5C750098-69B7-450A-A377-6A4FAF65F9AC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {5D2E30FD-1736-4E4A-BCE7-BAA0B69D6A77} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {6603C45B-277F-45C4-A46F-3D8247656295} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B253275-0985-413A-9DD9-8FABA41098C1} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6B4A70BA-1302-4B6A-AFF4-013FDFFDBB92} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {741030AA-5E83-4319-AED7-BD558BF5BA7E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {776BC6E4-BD44-42F5-A9F4-3A5FA8103FE3} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752200 2018-05-21] (HP Inc. -> )
Task: {8882D5C1-4244-43A6-85FE-D9AEBE99863D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\38c20316-8d46-4e89-8564-8726a359a0d2 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {89506C9C-ACA3-474D-AE64-18DCEC6867BD} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8BD10BFA-3AE3-4A09-8EE0-23E2FB14C15A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8D765EF9-1CAA-4408-A0B5-6B4BDDEF757D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {A128FA74-9A2D-44F5-AC14-89C9131D5385} - System32\Tasks\Lenovo\LenovoWelcomeUninstall => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenoveWelcomeUninstall.exe [17816 2022-04-22] (Lenovo -> Lenovo Group Ltd.)
Task: {A7EFFC94-35B4-4E4A-92BA-487E9EBCE253} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308520 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9C7D034-0771-4EBA-A456-85FF23E2CDB2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-28] (Avast Software s.r.o. -> Avast Software)
Task: {ACAEBD3F-F6BC-4E2F-8682-7E1D7952D014} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0271219-A0EF-44D1-8185-1195D6771ED3} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B307C451-55E3-4070-9A73-CD75DB62A23C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B67EDCD6-6E92-4F31-B71A-40E1F1CD646F} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C7E8F51F-B5DA-49A4-BB3D-E2DEA8F5B71B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6d133329-0044-4405-8191-4238c232c1a0 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C80305B5-2CC9-44E8-A475-69EB347BD26B} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CCF8F0A3-A7B6-4C21-9C27-EFF8E28CF579} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D9739048-364B-4B91-B312-18B9242D522B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {D99E8D5B-EB4B-401D-99BC-53E491B309C5} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {DE511E0E-9487-48F4-9137-4E65047A4322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\55edcbae-69f7-4e7a-8f8f-1dc10737fcfe => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0ABAA8F-2614-43AB-9226-9706021AE1E0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5e235518-e541-4864-9451-ebc62acfc187 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E5D1FF34-2108-42CB-A83A-D88EB509AD87} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308520 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBEFAAB3-99B5-474F-B4F0-F2220FF113FD} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF353EFB-67CF-4D6F-9B91-59A37ACCD93C} - System32\Tasks\Lenovo\LenovoWelcomeTask => C:\Program Files (x86)\Lenovo\LenovoWelcome\x86\LenovoWelcomeTask.exe [1555352 2022-04-22] (Lenovo -> Lenovo Group Ltd.)
Task: {F2358D97-C112-4CAE-BFFB-08FF2B6C7315} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F61E407B-15B6-4293-95B5-422076527656} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {FB70375C-B7FF-4BD4-A205-1F1FC06F5A7E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{77d7b24a-49f5-427c-8d52-d0912ee77b5c}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{df9b84f9-e821-4f15-b89e-20891022f570}: [DhcpNameServer] 150.208.1.2

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\pavel\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-11]
Edge HomePage: Default -> hxxp://www.msn.com/?pc=LCTE

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default [2022-11-11]
CHR Notifications: Default -> hxxps://www.bnk-as.cz; hxxps://www.discovery-japan.me; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Dokumenty Google offline) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12543912 2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [802816 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5026616 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1832944 2021-08-12] (Lenovo -> Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2022-11-11] (Malwarebytes Inc -> Malwarebytes)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
S3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249328 2022-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137544 2022-10-28] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [42304 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238152 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390096 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [306128 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [105936 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [48512 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [276520 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [564304 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [114464 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [90008 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [862936 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [672272 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221944 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327896 2022-11-11] (Avast Software s.r.o. -> AVAST Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75896 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-27] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2022-11-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-11-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2022-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [527272 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380840 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85920 2020-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521128 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [997800 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [594360 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107960 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116856 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252328 2020-01-16] (McAfee, Inc. -> McAfee, LLC)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-10-28] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-11 18:19 - 2022-11-11 18:20 - 000035295 _____ C:\Users\pavel\Downloads\FRST.txt
2022-11-11 18:19 - 2022-11-11 18:19 - 000000000 ____D C:\FRST
2022-11-11 18:16 - 2022-11-11 18:16 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-11 18:16 - 2022-11-11 18:16 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-11 18:11 - 2022-11-11 18:11 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-11-11 18:10 - 2022-11-11 18:10 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-11-11 18:10 - 2022-11-11 18:10 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-11-11 18:10 - 2022-11-11 18:10 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-11 18:10 - 2022-11-11 18:10 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-11 18:10 - 2022-11-11 18:10 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-11-11 18:10 - 2022-11-11 18:10 - 000000000 ____D C:\Users\pavel\AppData\Local\mbam
2022-11-11 18:10 - 2022-11-11 18:10 - 000000000 ____D C:\Users\pavel\AppData\Local\Avast Software
2022-11-11 18:09 - 2022-11-11 18:09 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-11-11 18:09 - 2022-11-11 18:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-11 18:09 - 2022-11-11 18:09 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-11 18:08 - 2022-11-11 18:08 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-11 18:06 - 2022-11-11 18:07 - 219256648 _____ (Malwarebytes) C:\Users\pavel\Downloads\mb4-setup-consumer-4.4.5.229-1.0.1430-1.0.44238.exe
2022-11-11 18:03 - 2022-11-11 18:03 - 002375168 _____ (Farbar) C:\Users\pavel\Downloads\FRST64.exe
2022-11-11 18:01 - 2022-11-11 18:01 - 000270552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-11 18:01 - 2022-11-11 18:01 - 000221944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-11 17:59 - 2022-11-11 17:59 - 000230080 _____ (AVAST Software) C:\Users\pavel\Downloads\avast_free_antivirus_setup_online-st_049u (1).exe
2022-10-28 08:08 - 2022-10-28 08:08 - 002575632 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 002088728 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000327680 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000296448 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000157008 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000105312 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000062800 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-10-28 08:08 - 2022-10-28 08:08 - 000055144 _____ C:\WINDOWS\system32\SFAPE.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000046888 _____ C:\WINDOWS\system32\wow64base.dll
2022-10-28 08:08 - 2022-10-28 08:08 - 000016565 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-10-28 08:07 - 2022-10-28 08:07 - 000000000 ___HD C:\$WinREAgent
2022-10-19 07:58 - 2022-11-06 19:11 - 000000000 ____D C:\Windows.old
2022-10-19 07:57 - 2022-10-19 07:58 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-10-19 07:56 - 2022-10-19 07:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-10-19 07:56 - 2022-10-19 07:56 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-10-19 07:53 - 2022-10-19 07:53 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000192512 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-10-19 07:53 - 2022-10-19 07:53 - 000180224 _____ C:\WINDOWS\system32\stordiag.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000133120 _____ C:\WINDOWS\SysWOW64\stordiag.exe
2022-10-19 07:53 - 2022-10-19 07:53 - 000098304 _____ C:\WINDOWS\system32\dplcsp.dll
2022-10-19 07:50 - 2022-10-19 07:50 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2022-10-19 07:50 - 2022-10-19 07:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-10-19 07:50 - 2022-10-19 07:50 - 000000000 ____D C:\WINDOWS\addins
2022-10-19 07:08 - 2022-11-11 18:16 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-10-19 07:06 - 2022-10-19 07:06 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-10-19 07:04 - 2022-11-11 18:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-10-19 07:04 - 2022-11-11 18:06 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-10-19 07:04 - 2022-11-10 18:55 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3697029457-159368102-1774820147-1001
2022-10-19 07:04 - 2022-11-10 18:55 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697029457-159368102-1774820147-1001
2022-10-19 07:04 - 2022-11-10 06:33 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-19 07:04 - 2022-11-10 06:33 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-19 07:04 - 2022-10-19 07:04 - 000004036 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2022-10-19 07:04 - 2022-10-19 07:04 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-19 07:04 - 2022-10-19 07:04 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-10-19 07:04 - 2022-10-19 07:04 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-10-19 07:04 - 2022-10-19 07:04 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3697029457-159368102-1774820147-500
2022-10-19 07:04 - 2022-10-19 07:04 - 000002726 _____ C:\WINDOWS\system32\Tasks\EPM Preload
2022-10-19 07:04 - 2022-10-19 07:04 - 000002650 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2022-10-19 07:04 - 2022-10-19 07:04 - 000000020 ___SH C:\Users\pavel\ntuser.ini
2022-10-19 07:04 - 2022-10-19 07:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-10-19 07:04 - 2022-10-19 07:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-10-19 07:04 - 2022-10-19 07:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-10-19 07:04 - 2020-10-20 22:43 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2454752443-609906946-3128382941-500
2022-10-19 07:04 - 2020-05-06 19:41 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3643460898-1865012685-2946422182-500
2022-10-19 07:03 - 2022-10-19 07:04 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2022-10-19 07:03 - 2022-10-19 07:04 - 000011433 _____ C:\WINDOWS\diagerr.xml
2022-10-19 07:00 - 2022-10-19 07:04 - 000000000 ____D C:\Users\pavel
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Šablony
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Soubory cookie
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Poslední
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Okolní tiskárny
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Okolní síť
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Nabídka Start
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Dokumenty
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Documents\Obrázky
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Documents\Hudba
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Documents\Filmy
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\Data aplikací
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-10-19 07:00 - 2022-10-19 07:00 - 000000000 _SHDL C:\Users\pavel\AppData\Local\Data aplikací
2022-10-19 07:00 - 2022-05-07 06:19 - 000001281 _____ C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-10-19 07:00 - 2022-05-07 06:19 - 000000407 _____ C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-10-19 06:59 - 2022-11-10 18:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-10-19 06:59 - 2022-10-28 08:29 - 000472928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-10-19 06:59 - 2022-10-19 06:59 - 000000000 ____D C:\WINDOWS\system32\config\BFS

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-11 18:16 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2022-11-11 18:15 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-11-11 18:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-11 18:11 - 2021-01-14 17:34 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-11 18:10 - 2021-01-14 18:02 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-11 18:09 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-11 18:09 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-11 18:09 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-11 18:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-11 18:08 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-11 18:08 - 2021-02-11 16:30 - 000000000 ____D C:\Program Files\Microsoft Office
2022-11-11 18:08 - 2021-01-15 14:38 - 000002099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-11-11 18:08 - 2021-01-15 14:38 - 000002087 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-11-11 18:08 - 2021-01-14 17:32 - 000000000 __SHD C:\Users\pavel\IntelGraphicsProfiles
2022-11-11 18:08 - 2020-10-20 22:54 - 000000000 ___HD C:\Intel
2022-11-11 18:08 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2022-11-11 18:01 - 2021-01-15 14:35 - 000862936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000672272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000564304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000390096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000327896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000306128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000276520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000238152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000114464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000105936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000090008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000048512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000042304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-11 18:01 - 2021-01-15 14:35 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-11-11 17:59 - 2021-01-14 17:35 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-11 17:59 - 2021-01-14 17:35 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-11 17:59 - 2020-05-06 19:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-11 17:58 - 2021-01-14 18:02 - 000000000 ____D C:\Users\pavel\AppData\Local\D3DSCache
2022-11-10 19:08 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-10 19:05 - 2022-05-07 06:17 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2022-11-10 18:55 - 2021-01-15 15:52 - 000002388 _____ C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-08 16:22 - 2021-02-11 16:24 - 000000000 ____D C:\Users\pavel\Documents\Faktury 2021
2022-11-07 06:35 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-07 06:35 - 2021-01-14 17:32 - 000000000 ____D C:\Users\pavel\AppData\Local\Packages
2022-11-06 19:09 - 2022-10-09 07:19 - 000000000 ___DC C:\WINDOWS\Panther
2022-11-06 10:33 - 2020-10-20 22:47 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-10-28 08:28 - 2022-05-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-10-28 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-10-28 08:27 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-10-28 08:27 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-10-28 08:21 - 2022-05-07 06:25 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-28 08:21 - 2022-05-07 06:24 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-28 07:57 - 2021-01-14 17:25 - 000000000 ____D C:\ProgramData\Packages
2022-10-24 04:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\appcompat
2022-10-24 04:51 - 2021-01-14 17:34 - 000000000 ____D C:\Users\pavel\AppData\Local\PlaceholderTileLogoFolder
2022-10-19 07:58 - 2022-05-07 06:28 - 000000000 ____D C:\WINDOWS\Setup
2022-10-19 07:58 - 2022-05-07 06:24 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 __RHD C:\Users\Public\Libraries
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\spool
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2022-10-19 07:58 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-10-19 07:58 - 2021-06-27 06:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2022-10-19 07:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-10-19 07:58 - 2021-03-12 17:27 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-10-19 07:58 - 2021-02-11 16:26 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2022-10-19 07:58 - 2021-01-15 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open-Shell
2022-10-19 07:58 - 2021-01-14 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProFact
2022-10-19 07:58 - 2021-01-14 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2022-10-19 07:58 - 2021-01-14 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-10-19 07:58 - 2021-01-14 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-19 07:58 - 2020-10-20 22:53 - 000000000 ____D C:\Program Files\Intel
2022-10-19 07:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-10-19 07:57 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\system32\cAVS
2022-10-19 07:57 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\Lenovo
2022-10-19 07:57 - 2021-03-12 18:28 - 000000000 ____D C:\WINDOWS\twain_64
2022-10-19 07:54 - 2022-05-07 06:25 - 000076800 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2022-10-19 07:54 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2022-10-19 07:51 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\OCR
2022-10-19 07:50 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-10-19 07:50 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\winrm
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\slmgr
2022-10-19 07:50 - 2022-05-07 11:05 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-10-19 07:50 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-10-19 07:50 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2022-10-19 07:04 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Windows NT
2022-10-19 07:04 - 2020-05-06 19:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-10-19 07:03 - 2021-03-12 17:27 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2022-10-19 07:00 - 2021-01-14 19:18 - 000000000 ____D C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-10-19 06:59 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\system32\Intel
2022-10-19 06:59 - 2022-01-28 22:22 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2022-10-19 06:15 - 2021-01-24 07:03 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-19 06:15 - 2021-01-24 07:03 - 000000000 ____D C:\WINDOWS\system32\MRT

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
¨
¨
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2022 01
Ran by pavel (11-11-2022 18:22:04)
Running from C:\Users\pavel\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.674 (X64) (2022-10-19 06:04:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3697029457-159368102-1774820147-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3697029457-159368102-1774820147-503 - Limited - Disabled)
Guest (S-1-5-21-3697029457-159368102-1774820147-501 - Limited - Disabled)
pavel (S-1-5-21-3697029457-159368102-1774820147-1001 - Administrator - Enabled) => C:\Users\pavel
WDAGUtilityAccount (S-1-5-21-3697029457-159368102-1774820147-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.10.6038 - Avast Software)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1677 - Disc Soft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{00C43022-CFDA-4942-9D3F-04199C91C939}) (Version: 10.1.18121.8164 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome) (Version: 3.5.0.40 - Lenovo Group Ltd.)
Malwarebytes version 4.4.5.130 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.5.130 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft Office Home and Business 2016 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3697029457-159368102-1774820147-1001\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Open-Shell (HKLM\...\{F4B6EE58-F183-4B0D-930B-4480673C0F5B}) (Version: 4.4.160 - The Open-Shell Team)
ProFact 5 (HKLM-x32\...\ProFact_is1) (Version: - eXmind)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30.05.2018) - HP Printing Korea Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.05.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.32 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.4.0_neutral__yxz26nhyzhsrt [2022-11-10] (Microsoft Corp.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2021-01-14] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.20.0_x64__5grkq8ppsgwt4 [2022-10-17] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-10-24] (LENOVO INC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-25] (Microsoft Studios) [MS Ad]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-28] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-10-28] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-10-28] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-24] (Microsoft Corporation)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-05-04] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.221.0_x64__dt26b99r8h8gj [2021-01-14] (Realtek Semiconductor Corp)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-03-12] (Samsung Electronics Co. Ltd.)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-10-28] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-01-15] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-11-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-11-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2020-09-26] (Open-Shell) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-04-29 17:26 - 2022-04-29 17:27 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-02-11 16:30 - 2021-02-11 16:30 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-02-11 16:30 - 2021-02-11 16:30 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2020-09-26 13:47 - 2020-09-26 13:47 - 000975872 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\ClassicExplorer64.dll
2020-09-26 13:47 - 2020-09-26 13:47 - 002659328 _____ (Open-Shell) [File not signed] C:\Program Files\Open-Shell\StartMenuDLL.dll
2017-11-08 07:35 - 2017-11-08 07:35 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3697029457-159368102-1774820147-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-10-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2020-09-26] (Open-Shell) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2020-09-26] (Open-Shell) [File not signed]
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-11] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3697029457-159368102-1774820147-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pavel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\20210827_165449.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0E808762-20F4-4298-97F9-DEFB325A1DB3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58A082D2-9C7E-46D2-B31D-798ABFE247CB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4DF71196-CAFE-4B18-8450-9CF74918969B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{E1FC6D04-4D27-44BB-809F-63FF72D7D0AC}] => (Allow) C:\Users\pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F1E84A96-2835-4272-B789-F2C4C49CA07E}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins93AE\Setup.exe => No File
FirewallRules: [{9D7FFA98-F4EF-40E9-8002-6AC3910D2787}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsEF5E\Setup.exe => No File
FirewallRules: [{4501ECA3-9332-4115-AC19-375D5D17CD6C}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins14CF\Setup.exe => No File
FirewallRules: [{BF99C038-59BD-467B-8803-C4F4DC6BC10E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{9B315993-6829-4F06-9340-04F691CAF313}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C879CF1A-F36F-4EA9-99FA-231C546F159C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{00677690-19AC-4388-A2A2-3E1772E67C67}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1AB9199C-21E7-4A62-A8A9-7888D8936211}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsAE43\Setup.exe => No File
FirewallRules: [{29C7DFC1-77BA-465C-B466-C97D703DAA78}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7904BC92-E700-4A09-82E0-EC477ECAB239}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{19B1C46E-1701-4358-BE19-F09AE8ACD0D0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{08A74C6C-148C-4375-BE9E-7867FA8BCD96}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{4DC6D9FE-8EAB-41A8-9FB0-13832063F012}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{8AB98FF4-3678-4963-9599-8D8A7098A8A7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{D78506C3-0A53-46DC-8677-5EA802515469}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1C522C07-465F-4C3D-BA89-91DA37D23986}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{E5A3CEFA-D619-46E6-AFF5-161596D450D1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{02B2D54D-FA4B-4899-8235-E1CCB42A7CD3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{B96A2C2C-05D5-4FFE-A21F-71B57568C56A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E4E6F4B2-3F2E-49B2-B980-95BED51D660E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{B6ECF984-7760-43FE-B5C1-B993A3AFC1D8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{3B17A871-3E63-414D-9470-47FC583D6B46}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{32A3491D-DB6D-4239-9B1F-30D75F4130BE}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{315E6C53-A171-4FD5-ADEE-919B83B6021A}C:\program files (x86)\common files\scan process machine\imageeng.exe] => (Allow) C:\program files (x86)\common files\scan process machine\imageeng.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E77760E4-5653-4ADF-9F02-82CD26BE65FE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B6FB563F-7A9F-46F0-90C8-49B98D7FA43A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4E165234-9208-4C77-B51C-CC0944EBB574}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{678C9341-966B-4A7E-9E7B-29FD96104413}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F673489C-8110-404E-B720-C371498B76A6}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{05F209F7-EB28-4FF2-9C95-93B990C017CE}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

07-11-2022 06:35:04 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/11/2022 06:22:34 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu Mapi16 nebyl načten. Popis chyby: (HRESULT : 0x80004005).

Error: (11/11/2022 05:58:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/11/2022 05:58:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1029\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1029\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1029\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/10/2022 07:05:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Avast Software\Avast\1033\UILangRes.dll se nezdařilo.
Závislé sestavení avast.local_vc142.crt,processorArchitecture="amd64",publicKeyToken="b7b3b11e08ac5c30",type="win32",version="14.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (11/11/2022 06:08:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba HvHost byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (11/11/2022 06:08:06 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Služba Zabezpečení Windows se po přijetí pokynu pro vypnutí neukončila správně.

Error: (11/11/2022 06:07:56 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby UsoSvc s argumenty Není k dispozici za účelem spuštění serveru:
{9C695035-48D2-4229-8B73-4C70E756E519}

Error: (11/11/2022 05:58:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PM9MEU92)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/10/2022 06:35:09 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PM9MEU92)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/08/2022 04:09:19 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-PM9MEU92)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/07/2022 06:42:53 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: aswArPot.sys

Error: (11/07/2022 06:42:40 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.


CodeIntegrity:
===============
Date: 2022-11-11 18:20:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO DKCN53WW 05/31/2021
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 78%
Total physical RAM: 7987.24 MB
Available physical RAM: 1727.05 MB
Total Virtual: 8499.24 MB
Available Virtual: 2180.31 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:410.31 GB) (Model: WDC PC SN530 SDBPMPZ-512G-1101) NTFS

\\?\Volume{79bf316d-69d9-4015-9010-b1c6b64a0a4e}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.21 GB) NTFS
\\?\Volume{9784de84-8e5d-443a-9b30-105b39b18959}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 9D75EE87)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spustte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 14.11.22
Čas skenování: 14:03
Logovací soubor: bcdbc74e-641c-11ed-8f19-000000000000.json

-Informace o softwaru-
Verze: 4.4.5.130
Verze komponentů: 1.0.1430
Aktualizovat verzi balíku komponent: 1.0.62284
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 22621.674)
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Plánovač
Výsledek: Dokončeno
Skenované objekty: 280220
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 52 hod, 32 min, 40 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {052FFDED-3C44-46A1-A561-E619A6928AFE} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {5C750098-69B7-450A-A377-6A4FAF65F9AC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {09C15BC4-56C9-4370-AF35-5F39C11F5211} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {D9739048-364B-4B91-B312-18B9242D522B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-14] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [{F1E84A96-2835-4272-B789-F2C4C49CA07E}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins93AE\Setup.exe => No File
FirewallRules: [{9D7FFA98-F4EF-40E9-8002-6AC3910D2787}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsEF5E\Setup.exe => No File
FirewallRules: [{4501ECA3-9332-4115-AC19-375D5D17CD6C}] => (Allow) C:\Users\pavel\AppData\Local\Temp\Ins14CF\Setup.exe => No File
FirewallRules: [{1AB9199C-21E7-4A62-A8A9-7888D8936211}] => (Allow) C:\Users\pavel\AppData\Local\Temp\InsAE43\Setup.exe => No File

EmptyTemp:
End

Uložte do C:\Users\pavel\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.