Preventivka
Napsal: 02 pro 2022 21:49
Zdravim, skontrolujte notebook ci je poriadku... Ďakujem vopred.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (02-12-2022 21:29:12)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Microsoft Windows 10 Home Version 22H2 19045.2311 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\93.0.4585.37\opera_crashreporter.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.28.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <22>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Run: [MicrosoftEdgeAutoLaunch_A24FDCC3D8DDD92F5558669C9816EEE8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892136 2022-11-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {050C8552-8EAE-40DC-BFFC-AD3F53242765} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {12305BF9-9261-4BFB-9F43-BAA4C3957E83} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {1C64CEA6-77EA-48B2-ABF8-BF9A6EECD22A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4951448 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
Task: {2F32FF88-B45B-4C24-9A38-5871224DDE34} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {4ECED780-29E3-4263-B5A1-60B814AAED6D} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {543BD9E2-E966-437A-866F-C0916C6899AC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e4d7dc66-a47b-4ff4-9a7f-5b36e7858c73" --version "6.06.10144" --silent
Task: {54D0342D-E4B7-4D94-95BC-20FFBC111454} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {65EC9CB1-E0FF-4C9E-B04B-29964DBC82B3} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software)
Task: {6B84ECA4-83F3-45AA-A195-40DEB0BC1121} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {6F6C3CDE-A69F-4CA9-8074-BA16DB8726C0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {80E9EBCF-3914-4F73-BD3E-6618B46D6873} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a94d2b91-a4a3-4029-84a0-3ff0a1947457 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {87110B59-4EF5-4750-A850-6167C5D71119} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88B98673-7BA4-4BC9-A7BD-B94C157356F9} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8D7FEFAB-9722-4248-9D98-7D67393CEC73} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {96E270C2-5A12-4991-B3E9-50DE7FB47402} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {984F9584-260A-42F1-A362-B7F1F794D7CE} - System32\Tasks\CCleanerSkipUAC - Kohutovci => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9AFB8F06-2F50-44DA-BAE4-BB2A3B8E59E1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B7C267D4-56ED-4A73-B01A-A68974E42738} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7c2d3b32-7cd5-4cb6-8314-2530939ea7ff => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {BAD28B6B-6E90-4EDC-922D-015CC4DC725A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CC6DB955-76C3-4570-B05F-7051921B3D5E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\18f682fe-7ef7-421c-9a9b-ba60aa670f55 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D4BB497B-3502-4E76-8C0F-962573ABC31F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2e66f608-9283-440a-a8ee-fd39ca8b8c8f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DADC32ED-8BA1-4E91-B54F-01595A35CEA5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E61EBF01-9743-4EBA-B7EE-03E64DA28F7E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\904f27bb-d892-4c10-bbf9-700d9e00cb37 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F4ACA811-E22A-4E83-A523-1AF69D0EE0EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {FF4CEBFD-EA66-4D2B-B291-8E4061C37D89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-02]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
Opera:
=======
OPR Profile: C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable [2022-12-02]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Session Restore: Opera Stable -> is enabled.
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-01]
OPR Extension: (Opera Wallet) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-02]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8552856 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [596888 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [596888 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-12-02] (Malwarebytes Inc. -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31376 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229720 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391264 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268480 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555520 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105760 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80384 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [688336 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [210632 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318464 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-12-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 LenovoBoost; C:\WINDOWS\system32\DRIVERS\vanboost.sys [47888 2022-06-14] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-02 21:29 - 2022-12-02 21:32 - 000024111 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2022-12-02 21:27 - 2022-12-02 21:30 - 000000000 ____D C:\FRST
2022-12-02 21:11 - 2022-12-02 21:11 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk
2022-12-02 21:05 - 2022-12-02 21:05 - 002375680 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2022-12-02 20:45 - 2022-12-02 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-12-02 20:43 - 2022-12-02 20:44 - 000000000 ____D C:\Program Files\LibreOffice
2022-12-02 19:51 - 2022-12-02 19:51 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-12-02 19:51 - 2022-12-02 19:49 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-12-02 19:26 - 2022-12-02 19:26 - 000002451 _____ C:\Users\Kohutovci\Desktop\Microsoft Edge.lnk
2022-11-20 16:53 - 2022-11-20 16:53 - 000210632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-20 16:53 - 2022-11-20 16:52 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-20 16:36 - 2022-11-20 16:57 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-20 16:36 - 2022-11-20 16:36 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-20 15:05 - 2022-11-20 15:05 - 000012261 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-20 15:03 - 2022-11-20 15:03 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-20 13:52 - 2022-11-20 13:52 - 000000000 ___HD C:\$WinREAgent
2022-11-11 21:14 - 2022-11-12 09:20 - 000000000 ____D C:\Program Files\RUXIM
2022-11-09 11:22 - 2022-11-09 11:22 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 11:22 - 2022-11-09 11:22 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-02 21:33 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2022-12-02 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-02 21:12 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2022-12-02 21:11 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2022-12-02 21:08 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-12-02 21:05 - 2018-04-02 19:30 - 000168096 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-12-02 21:01 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2022-12-02 21:00 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-12-02 20:58 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2022-12-02 20:48 - 2021-12-19 15:45 - 000001173 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2022-12-02 20:03 - 2018-12-29 23:14 - 000000898 _____ C:\Users\Kohutovci\Desktop\KMPlayer 64X.lnk
2022-12-02 19:51 - 2021-12-23 19:47 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-12-02 19:51 - 2020-12-01 23:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-12-02 19:51 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-12-02 19:49 - 2019-05-17 22:10 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-12-02 19:49 - 2018-04-03 15:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-12-02 19:49 - 2018-04-03 15:20 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-02 19:31 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2022-12-02 19:30 - 2020-06-28 17:02 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2022-12-02 19:30 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2022-12-02 19:19 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-02 18:25 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2022-12-01 15:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-01 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-01 14:48 - 2020-06-28 17:02 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-30 15:22 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-20 17:00 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2022-11-20 16:57 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-20 16:57 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-20 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-20 16:56 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-20 16:54 - 2019-01-14 15:32 - 000391264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-20 16:53 - 2020-09-01 21:17 - 000268480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-20 16:53 - 2020-04-03 08:06 - 000555520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-20 16:53 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-20 16:53 - 2019-01-05 14:54 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-20 16:53 - 2019-01-05 14:54 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-20 16:53 - 2018-10-09 13:36 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000688336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000318464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000105760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000080384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-20 16:52 - 2019-01-05 14:54 - 000031376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-20 16:52 - 2018-04-03 17:01 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-20 16:52 - 2018-04-03 17:01 - 000229720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-20 16:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-20 16:40 - 2021-04-25 15:16 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-20 16:36 - 2020-06-28 17:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-20 15:31 - 2020-06-28 16:44 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-20 15:26 - 2021-10-31 16:03 - 000002083 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-11-20 15:26 - 2020-06-28 16:36 - 000634120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-20 15:26 - 2018-04-03 17:02 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-11-20 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-20 15:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-20 15:02 - 2020-06-28 16:42 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-19 14:09 - 2022-09-14 19:51 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\com.adobe.dunamis
2022-11-19 14:08 - 2021-02-20 13:22 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-18 18:48 - 2022-10-12 10:09 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-18 18:48 - 2022-10-12 10:09 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-14 19:25 - 2020-10-11 08:18 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-14 19:25 - 2020-10-11 08:18 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 21:14 - 2018-11-16 15:34 - 000000000 ____D C:\Program Files\rempl
2022-11-09 11:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 11:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 11:38 - 2020-12-01 23:43 - 000010232 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-11-09 10:28 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2022-11-09 09:03 - 2018-03-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 08:40 - 2018-03-28 07:25 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2022-02-01 17:11 - 2022-02-01 17:21 - 000007597 _____ () C:\Users\Kohutovci\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Kohutovci (02-12-2022 21:42:03)
Running from C:\Users\Kohutovci\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2311 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.11.6041 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2022.11.25.17 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
LibreOffice 7.4.3.2 (HKLM\...\{C724CD98-7AEB-4F85-8C10-9721600CE0DA}) (Version: 7.4.3.2 - The Document Foundation)
Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 93.0.4585.37 (HKLM-x32\...\Opera 93.0.4585.37) (Version: 93.0.4585.37 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.51.0 - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.11 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2210.56.0_x64__k1h2ywk1493x8 [2022-11-22] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.28.0_x64__5grkq8ppsgwt4 [2022-11-28] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-04] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-11-30] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{16083281-EE06-436E-8F7F-BC7A3FB70460}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{17873BB0-DC05-47E8-8921-FFE25E571BB3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{146DE832-C65F-47B4-840B-9317E30FE67E}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{F35893C0-8277-43D3-AB01-B3D11E9DE05C}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{738D02E8-E89D-43A1-9D6F-FF8CEE5171D1}] => (Allow) C:\Program Files\Opera\93.0.4585.21\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{C9D410B4-81AA-44A0-9B93-1B8948CB5E5F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22944510-14CD-4444-BF12-F747807B118A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4193EC1-9908-4256-9718-A662DD10332D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB16F4D6-20E4-47CF-BCD1-CE5C517690C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38361FF4-5FD6-4DDD-BEB9-FAB45403A8BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0524463-C2E5-41CC-89C6-BEEBCC8B09E1}] => (Allow) C:\Program Files\Opera\93.0.4585.37\opera.exe (Opera Norway AS -> Opera Software)
==================== Restore Points =========================
29-11-2022 15:59:04 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/02/2022 09:33:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x332c
Čas spustenia chybujúcej aplikácie: 0x01d9068d50184aa7
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e832f198-8575-49d8-975a-69c69915b6bc
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: ShellFeedsUI
Error: (12/02/2022 09:28:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x39f0
Čas spustenia chybujúcej aplikácie: 0x01d9068c93749512
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: f0b07f3f-3a27-4613-9c2d-8c4554a4d71b
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2203.761.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x1820
Čas spustenia chybujúcej aplikácie: 0x01d9068bfd24e077
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 06167b12-a8bb-4ea1-8a21-4a769255d5fa
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x37e4
Čas spustenia chybujúcej aplikácie: 0x01d9068bfb7a991f
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 21928aef-a68c-48bb-b464-212556b6eb4c
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x214c
Čas spustenia chybujúcej aplikácie: 0x01d9068bf0e7306d
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 9c4bf3a2-127d-46af-951e-29989fa64d1c
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x3860
Čas spustenia chybujúcej aplikácie: 0x01d9068beea432ea
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: b0db036b-3fb0-423d-988e-f77bbc8f0e37
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0xcec
Čas spustenia chybujúcej aplikácie: 0x01d9068be8d3cdc4
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: d6004190-7fb1-4155-89b2-a8f056d6dc86
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x14ec
Čas spustenia chybujúcej aplikácie: 0x01d9068be5e6f8bc
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e7a28982-8e5c-40f4-8d16-5205fc30b175
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
System errors:
=============
Error: (12/02/2022 09:33:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca did not register with DCOM within the required timeout.
Error: (12/02/2022 09:28:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2203.761.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:52 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:50 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:29 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2022-12-02 21:28:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-12-02 21:26:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 83%
Total physical RAM: 5941.05 MB
Available physical RAM: 976.4 MB
Total Virtual: 12085.05 MB
Available Virtual: 5534.48 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:383 GB) (Model: TOSHIBA MQ01ABF050) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) (Model: TOSHIBA MQ01ABF050) NTFS
\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (02-12-2022 21:29:12)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Microsoft Windows 10 Home Version 22H2 19045.2311 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\93.0.4585.37\opera_crashreporter.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.28.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <22>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Run: [MicrosoftEdgeAutoLaunch_A24FDCC3D8DDD92F5558669C9816EEE8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892136 2022-11-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {050C8552-8EAE-40DC-BFFC-AD3F53242765} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {12305BF9-9261-4BFB-9F43-BAA4C3957E83} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {1C64CEA6-77EA-48B2-ABF8-BF9A6EECD22A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4951448 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
Task: {2F32FF88-B45B-4C24-9A38-5871224DDE34} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {4ECED780-29E3-4263-B5A1-60B814AAED6D} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {543BD9E2-E966-437A-866F-C0916C6899AC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e4d7dc66-a47b-4ff4-9a7f-5b36e7858c73" --version "6.06.10144" --silent
Task: {54D0342D-E4B7-4D94-95BC-20FFBC111454} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {65EC9CB1-E0FF-4C9E-B04B-29964DBC82B3} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [2631112 2022-12-01] (Opera Norway AS -> Opera Software)
Task: {6B84ECA4-83F3-45AA-A195-40DEB0BC1121} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {6F6C3CDE-A69F-4CA9-8074-BA16DB8726C0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {80E9EBCF-3914-4F73-BD3E-6618B46D6873} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a94d2b91-a4a3-4029-84a0-3ff0a1947457 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {87110B59-4EF5-4750-A850-6167C5D71119} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88B98673-7BA4-4BC9-A7BD-B94C157356F9} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8D7FEFAB-9722-4248-9D98-7D67393CEC73} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {96E270C2-5A12-4991-B3E9-50DE7FB47402} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {984F9584-260A-42F1-A362-B7F1F794D7CE} - System32\Tasks\CCleanerSkipUAC - Kohutovci => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9AFB8F06-2F50-44DA-BAE4-BB2A3B8E59E1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B7C267D4-56ED-4A73-B01A-A68974E42738} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7c2d3b32-7cd5-4cb6-8314-2530939ea7ff => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {BAD28B6B-6E90-4EDC-922D-015CC4DC725A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CC6DB955-76C3-4570-B05F-7051921B3D5E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\18f682fe-7ef7-421c-9a9b-ba60aa670f55 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D4BB497B-3502-4E76-8C0F-962573ABC31F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2e66f608-9283-440a-a8ee-fd39ca8b8c8f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DADC32ED-8BA1-4E91-B54F-01595A35CEA5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E61EBF01-9743-4EBA-B7EE-03E64DA28F7E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\904f27bb-d892-4c10-bbf9-700d9e00cb37 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F4ACA811-E22A-4E83-A523-1AF69D0EE0EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {FF4CEBFD-EA66-4D2B-B291-8E4061C37D89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-02]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
Opera:
=======
OPR Profile: C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable [2022-12-02]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Session Restore: Opera Stable -> is enabled.
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-01]
OPR Extension: (Opera Wallet) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-02]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8552856 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [596888 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [596888 2022-11-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-12-02] (Malwarebytes Inc. -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31376 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229720 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391264 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-14] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268480 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555520 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105760 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80384 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [688336 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [210632 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318464 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-12-02] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 LenovoBoost; C:\WINDOWS\system32\DRIVERS\vanboost.sys [47888 2022-06-14] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-02 21:29 - 2022-12-02 21:32 - 000024111 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2022-12-02 21:27 - 2022-12-02 21:30 - 000000000 ____D C:\FRST
2022-12-02 21:11 - 2022-12-02 21:11 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk
2022-12-02 21:05 - 2022-12-02 21:05 - 002375680 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2022-12-02 20:45 - 2022-12-02 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-12-02 20:43 - 2022-12-02 20:44 - 000000000 ____D C:\Program Files\LibreOffice
2022-12-02 19:51 - 2022-12-02 19:51 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-12-02 19:51 - 2022-12-02 19:49 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-12-02 19:26 - 2022-12-02 19:26 - 000002451 _____ C:\Users\Kohutovci\Desktop\Microsoft Edge.lnk
2022-11-20 16:53 - 2022-11-20 16:53 - 000210632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-11-20 16:53 - 2022-11-20 16:52 - 000273816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-11-20 16:36 - 2022-11-20 16:57 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-20 16:36 - 2022-11-20 16:36 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-20 15:05 - 2022-11-20 15:05 - 000012261 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-20 15:03 - 2022-11-20 15:03 - 000297472 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-20 13:52 - 2022-11-20 13:52 - 000000000 ___HD C:\$WinREAgent
2022-11-11 21:14 - 2022-11-12 09:20 - 000000000 ____D C:\Program Files\RUXIM
2022-11-09 11:22 - 2022-11-09 11:22 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 11:22 - 2022-11-09 11:22 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-02 21:33 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2022-12-02 21:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-02 21:12 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2022-12-02 21:11 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2022-12-02 21:08 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-12-02 21:05 - 2018-04-02 19:30 - 000168096 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-12-02 21:01 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2022-12-02 21:00 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-12-02 20:58 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2022-12-02 20:48 - 2021-12-19 15:45 - 000001173 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2022-12-02 20:03 - 2018-12-29 23:14 - 000000898 _____ C:\Users\Kohutovci\Desktop\KMPlayer 64X.lnk
2022-12-02 19:51 - 2021-12-23 19:47 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-12-02 19:51 - 2020-12-01 23:47 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-12-02 19:51 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-12-02 19:49 - 2019-05-17 22:10 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-12-02 19:49 - 2018-04-03 15:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-12-02 19:49 - 2018-04-03 15:20 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-02 19:31 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2022-12-02 19:30 - 2020-06-28 17:02 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2022-12-02 19:30 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2022-12-02 19:19 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-02 18:25 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2022-12-01 15:13 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-01 15:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-01 14:48 - 2020-06-28 17:02 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-11-30 15:22 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-20 17:00 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2022-11-20 16:57 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-20 16:57 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-20 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-20 16:56 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-20 16:54 - 2019-01-14 15:32 - 000391264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-11-20 16:53 - 2020-09-01 21:17 - 000268480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-11-20 16:53 - 2020-04-03 08:06 - 000555520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-11-20 16:53 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-11-20 16:53 - 2019-01-05 14:54 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-11-20 16:53 - 2019-01-05 14:54 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-11-20 16:53 - 2018-10-09 13:36 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000688336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000318464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000105760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-11-20 16:53 - 2018-04-03 17:01 - 000080384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-11-20 16:52 - 2019-01-05 14:54 - 000031376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-11-20 16:52 - 2018-04-03 17:01 - 000852000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-11-20 16:52 - 2018-04-03 17:01 - 000229720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-11-20 16:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-20 16:40 - 2021-04-25 15:16 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-20 16:36 - 2020-06-28 17:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-20 15:31 - 2020-06-28 16:44 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-20 15:26 - 2021-10-31 16:03 - 000002083 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-11-20 15:26 - 2020-06-28 16:36 - 000634120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-20 15:26 - 2018-04-03 17:02 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-11-20 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-11-20 15:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-20 15:18 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-20 15:02 - 2020-06-28 16:42 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-19 14:09 - 2022-09-14 19:51 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\com.adobe.dunamis
2022-11-19 14:08 - 2021-02-20 13:22 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-18 18:48 - 2022-10-12 10:09 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-11-18 18:48 - 2022-10-12 10:09 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-11-14 19:25 - 2020-10-11 08:18 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-14 19:25 - 2020-10-11 08:18 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 21:14 - 2018-11-16 15:34 - 000000000 ____D C:\Program Files\rempl
2022-11-09 11:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 11:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 11:38 - 2020-12-01 23:43 - 000010232 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-11-09 10:28 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2022-11-09 09:03 - 2018-03-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 08:40 - 2018-03-28 07:25 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2022-02-01 17:11 - 2022-02-01 17:21 - 000007597 _____ () C:\Users\Kohutovci\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Kohutovci (02-12-2022 21:42:03)
Running from C:\Users\Kohutovci\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2311 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.11.6041 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 351 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180351F0}) (Version: 8.0.3510.10 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2022.11.25.17 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
LibreOffice 7.4.3.2 (HKLM\...\{C724CD98-7AEB-4F85-8C10-9721600CE0DA}) (Version: 7.4.3.2 - The Document Foundation)
Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 93.0.4585.37 (HKLM-x32\...\Opera 93.0.4585.37) (Version: 93.0.4585.37 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.51.0 - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 6.11 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2210.56.0_x64__k1h2ywk1493x8 [2022-11-22] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.3.28.0_x64__5grkq8ppsgwt4 [2022-11-28] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-04] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-11-30] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-20] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-12-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll [2022-12-02] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{16083281-EE06-436E-8F7F-BC7A3FB70460}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{17873BB0-DC05-47E8-8921-FFE25E571BB3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{146DE832-C65F-47B4-840B-9317E30FE67E}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{F35893C0-8277-43D3-AB01-B3D11E9DE05C}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{738D02E8-E89D-43A1-9D6F-FF8CEE5171D1}] => (Allow) C:\Program Files\Opera\93.0.4585.21\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{C9D410B4-81AA-44A0-9B93-1B8948CB5E5F}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22944510-14CD-4444-BF12-F747807B118A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4193EC1-9908-4256-9718-A662DD10332D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB16F4D6-20E4-47CF-BCD1-CE5C517690C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38361FF4-5FD6-4DDD-BEB9-FAB45403A8BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.91.3404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A0524463-C2E5-41CC-89C6-BEEBCC8B09E1}] => (Allow) C:\Program Files\Opera\93.0.4585.37\opera.exe (Opera Norway AS -> Opera Software)
==================== Restore Points =========================
29-11-2022 15:59:04 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/02/2022 09:33:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x332c
Čas spustenia chybujúcej aplikácie: 0x01d9068d50184aa7
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e832f198-8575-49d8-975a-69c69915b6bc
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: ShellFeedsUI
Error: (12/02/2022 09:28:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x39f0
Čas spustenia chybujúcej aplikácie: 0x01d9068c93749512
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: f0b07f3f-3a27-4613-9c2d-8c4554a4d71b
Celé meno chybujúceho balíka: Microsoft.WindowsFeedbackHub_1.2203.761.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x1820
Čas spustenia chybujúcej aplikácie: 0x01d9068bfd24e077
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 06167b12-a8bb-4ea1-8a21-4a769255d5fa
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x37e4
Čas spustenia chybujúcej aplikácie: 0x01d9068bfb7a991f
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 21928aef-a68c-48bb-b464-212556b6eb4c
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x214c
Čas spustenia chybujúcej aplikácie: 0x01d9068bf0e7306d
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 9c4bf3a2-127d-46af-951e-29989fa64d1c
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x3860
Čas spustenia chybujúcej aplikácie: 0x01d9068beea432ea
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: b0db036b-3fb0-423d-988e-f77bbc8f0e37
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0xcec
Čas spustenia chybujúcej aplikácie: 0x01d9068be8d3cdc4
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: d6004190-7fb1-4155-89b2-a8f056d6dc86
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
Error: (12/02/2022 09:23:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.2311, časová značka: 0x9bef48c3
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010fdf2
Identifikácia chybujúceho procesu: 0x14ec
Čas spustenia chybujúcej aplikácie: 0x01d9068be5e6f8bc
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: e7a28982-8e5c-40f4-8d16-5205fc30b175
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App
System errors:
=============
Error: (12/02/2022 09:33:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy!ShellFeedsUI.AppXfbff151h5bmghg166fvn34ccayg70vts.mca did not register with DCOM within the required timeout.
Error: (12/02/2022 09:28:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsFeedbackHub_1.2203.761.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:52 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:50 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:29 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
Error: (12/02/2022 09:23:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2022-12-02 21:28:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-12-02 21:26:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 83%
Total physical RAM: 5941.05 MB
Available physical RAM: 976.4 MB
Total Virtual: 12085.05 MB
Available Virtual: 5534.48 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:383 GB) (Model: TOSHIBA MQ01ABF050) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) (Model: TOSHIBA MQ01ABF050) NTFS
\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)
Partition: GPT.
==================== End of Addition.txt =======================