Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Spomaleny NTB

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Huso
Návštěvník
Návštěvník
Příspěvky: 166
Registrován: 18 lis 2007 19:00

Spomaleny NTB

#1 Příspěvek od Huso »

Prosim o diagnostiku, pomaly reaguje... :(



Ran by TUN (administrator) on LAPTOP-BQMJHIIJ (LENOVO 80EC) (20-01-2023 11:28:08)
Running from C:\Users\TUN\Desktop
Loaded Profiles: TUN
Platform: Microsoft Windows 10 Home Version 21H2 19044.1526 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(atieclxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Program Files\AMD\amdkmpfd_un\atieclxx.exe
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
(explorer.exe ->) (Disig a.s. -> Disig a.s.) C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(explorer.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHAE.EXE
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Ministerstvo vnútra Slovenskej republiky -> ) C:\Program Files (x86)\eID_klient\eID_Client.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(services.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files (x86)\Kamo\KamoSvc.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (DITEC, a.s. -> DITEC, a.s.) C:\Program Files (x86)\Ditec\DUpdater\DUpdater.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [eID_Client] => C:\Program Files (x86)\eID_klient\eID_Client.exe [25272616 2022-12-22] (Ministerstvo vnútra Slovenskej republiky -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\EPSON SX430 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMHAE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03BEF2D7-560D-4BE3-8C2E-E789E1D27B6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0CD9A9D0-316F-4DAF-A14D-330F52644A2E} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {109D4F03-C751-4FFA-A012-53B03F7CCE01} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {127E20C1-0D3C-4478-AAF3-8914CCEA5BDE} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1209424 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {138E6920-CD76-4007-8435-0455CA72C72C} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829384 2015-09-25] (LENOVO -> )
Task: {14E7AA29-9437-41CE-BD80-0C3BE8B55975} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {191CE7FF-5FDD-435A-B85A-9084414AEA97} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {2455E285-1638-49E6-8A31-5C7B5D12FE7C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1174504 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {25123C60-AB18-454A-8D7F-4E670B7D902C} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {2EA345B4-1FF0-4EDC-AAB9-FDCE056F04B4} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {3467A930-5C77-4835-BA81-4DFB7C00CE75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {34EB3D31-F864-4227-8A18-1AEDC16E552A} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {39995968-DB95-4DFE-9538-7AE8CF12CDAF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {3E3ADF30-8E9E-481E-AC0E-C33242941275} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {422FCEEA-C4C9-430C-85D1-97AC2F8ADD22} - System32\Tasks\DUpdaterTask => C:\Program Files (x86)\Ditec\DUpdater\DUpdater.exe [4176216 2022-10-25] (DITEC, a.s. -> DITEC, a.s.)
Task: {42FBD828-B3A9-4883-B8CF-F12C814989A3} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {45BC2E64-3902-4EF5-9839-3AB08849E57C} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808392 2015-09-25] (LENOVO -> )
Task: {47EC9751-455E-49FF-9635-C697620C292D} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {4D834708-27E7-48D3-A6AD-95082EDB3BE9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FC7CF6B-7DB0-40DF-95B9-A454C872DEBF} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4646480 2022-12-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid da587009-7f3f-4569-85db-04a2043dfb63
Task: {51AA90CA-91EF-4A86-B079-D3B181347222} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {5D8055A6-8E21-49E3-8B2E-42CA5FA2B64A} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {5D906446-7110-4556-A5DF-1B9601C1526A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {65DAEAF7-D52A-45A5-80C2-9E19B81B2100} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {665C85DE-3C40-4A39-A16F-3757C7C7D96D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFA5C68-4B03-4CC4-8137-ED80F2C3C86E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fd31ac14-2c81-4514-a110-ed33e20642c7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {747FF23E-652D-488E-BF09-0BB499AFB6F8} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {789DC1FE-1197-4A81-ADEC-341B5EE1C4D1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e3fb34f1-dc8c-449a-a031-3940a0b5a1c1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {87483BBF-8021-4DCC-A8F9-4B0D6FFAF99C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {8820330C-0530-4FF0-96E5-C35BA83C396C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {8A0615ED-EC44-461C-BBB9-ECA595909549} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2022-11-22] (Avast Software s.r.o. -> Avast Software)
Task: {8B29C761-BB6B-4F5E-A140-D6908057FBF8} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {93BDBD64-B551-4B37-BEE2-3028BD75FD31} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BFE3EEA-B2A4-42AB-8B2D-ECA719019307} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {9EEDFC6F-842F-41A9-A5A2-2E4E28D07AA7} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-02-14] (LENOVO -> Lenovo)
Task: {AE60F0E9-FE68-47B4-A9E4-B500DB6BB632} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {B38C9FC6-8FF4-4D51-B99F-8A99851C9815} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [51080 2016-11-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B6E197C4-0ED6-4643-AC84-83FF5F11140E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {B7BCDF0E-2163-42BB-9CCC-D2494B8200E2} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C4EA2763-25DC-4F66-9E40-419A078089F7} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {C9C7D903-3D36-4C7B-82AF-F17EF54863A5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "06838840-a863-4e36-a998-148e0c580e26" --version "6.08.10255" --silent
Task: {CB569C61-3E8E-4159-AB28-F71F149061A1} - System32\Tasks\CCleanerSkipUAC - TUN => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D63A7CB1-F3C7-4ADB-BDD6-7874CDCFFDC3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\98eeb6cc-a761-4cf7-8bb1-47c700f4ca06 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D8104975-0FDF-4193-8F04-50A51439CB71} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECA65048-6E3A-4701-B41C-98D7F34F818D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE3A2665-BF49-41E5-B0DF-C2CD95E0A345} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ddad81d5-a168-4725-a641-3b8ed8c8fe3a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F80222DD-6423-4C32-95CA-73DAC33E4EDB} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {F88BB5BB-5D62-46FB-85CB-B9FDC8CB8A5C} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe [909024 2022-09-19] (Piriform Software Ltd -> Piriform)
Task: {F89BEF52-8D89-4181-8C8F-FC86CCE2110C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{1099cb62-484b-44d3-8345-3e8db3502c3d}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{f2327ab5-02dd-4cc5-8b7a-08591c1ca410}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\TUN\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-27]

FireFox:
========
FF DefaultProfile: 4hkb7ulv.default-1511791122423
FF ProfilePath: C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\4hkb7ulv.default-1511791122423 [2023-01-20]
FF Extension: (D.Bridge 2) - C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\4hkb7ulv.default-1511791122423\Extensions\mozext@sk.ditec.dbridge2.xpi [2022-09-20]
FF Extension: (Disig Web Signer 1.0.7) - C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\4hkb7ulv.default-1511791122423\Extensions\websigner.1.0.7.selfdist@disig.sk.xpi [2019-12-05]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-05-20]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2022-08-15] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecNMc -> C:\PROGRA~2\Ditec\DLAUNC~2\NPDITE~1.DLL [2022-05-06] (DITEC, a.s. -> DITEC, a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2022-07-18] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2022-11-22] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2022-11-22] (DITEC, a.s. -> Ditec,a.s.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-05-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-05-20] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default [2022-08-10]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Google Docs Offline) - C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-04]
CHR Extension: (Kaspersky Protection 18.0) - C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2021-07-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-26]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-07] (Advanced Micro Devices) [File not signed]
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 KamoSvc; C:\Program Files (x86)\Kamo\KamoSvc.exe [6099168 2022-09-19] (Piriform Software Ltd -> Piriform Software Ltd)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [424080 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9461328 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [65944 2022-08-04] (Avast Software s.r.o. -> Avast Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-27] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-09-27] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (Kaspersky Lab -> AO Kaspersky Lab)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [119904 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [85704 2018-07-20] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2018-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-05-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [256312 2021-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1059152 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-05-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-04-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309104 2021-04-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115744 2021-04-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [224880 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-05-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [140928 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
S3 MpKsl42f3b808; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [135440 2022-02-21] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl5ece1806; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [135440 2022-02-21] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl7db3ac7e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [135440 2022-02-21] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl7df1af65; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [135440 2022-02-21] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslb92a8b69; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [135440 2022-02-21] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld7f1ad7d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [135440 2022-02-21] (Microsoft Windows -> Microsoft Corporation)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [114104 2022-09-19] (Piriform Software Ltd -> Windows (R) Win 7 DDK provider)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2377344 2018-11-13] (WDKTestCert gxia,130717419938108635 -> Qualcomm Atheros, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-20 11:28 - 2023-01-20 11:31 - 000037595 _____ C:\Users\TUN\Desktop\FRST.txt
2023-01-20 11:27 - 2023-01-20 11:30 - 000000000 ____D C:\FRST
2023-01-20 11:24 - 2023-01-20 11:24 - 002376704 _____ (Farbar) C:\Users\TUN\Desktop\FRST64.exe
2023-01-17 16:31 - 2023-01-17 16:31 - 000143308 _____ C:\Users\TUN\Downloads\Object20230116192700732_1.pdf
2023-01-17 16:29 - 2023-01-17 16:29 - 000128970 _____ C:\Users\TUN\Downloads\Object20230105180819842_1.pdf
2023-01-17 16:28 - 2023-01-17 16:28 - 000300079 _____ C:\Users\TUN\Downloads\Priloha_0216585822_12735271.pdf
2023-01-17 16:26 - 2023-01-17 16:26 - 000145833 _____ C:\Users\TUN\Downloads\Object20221129142931807_1.pdf
2023-01-17 16:26 - 2023-01-17 16:26 - 000129543 _____ C:\Users\TUN\Downloads\Object20221205163238213_1.pdf
2023-01-17 16:25 - 2023-01-17 16:25 - 000141120 _____ C:\Users\TUN\Downloads\Object20221129142923204_1-1.pdf
2023-01-17 16:23 - 2023-01-17 16:23 - 000141120 _____ C:\Users\TUN\Downloads\Object20221129142923204_1.pdf
2023-01-17 16:22 - 2023-01-17 16:22 - 000141085 _____ C:\Users\TUN\Downloads\Object20221129142923955_1.pdf
2023-01-17 16:02 - 2023-01-17 16:14 - 000000000 ____D C:\Users\TUN\AppData\Local\eID_klient
2023-01-17 16:02 - 2023-01-17 16:02 - 000000000 ____D C:\ProgramData\eID_klient
2023-01-17 16:01 - 2023-01-17 16:01 - 000001983 _____ C:\Users\Public\Desktop\eID Klient.lnk
2023-01-17 16:01 - 2023-01-17 16:01 - 000000000 ____D C:\Users\TUN\AppData\Roaming\eID_klient
2023-01-17 16:01 - 2023-01-17 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eID Klient
2023-01-17 16:01 - 2023-01-17 16:01 - 000000000 ____D C:\Program Files (x86)\eID_klient
2022-12-22 03:49 - 2022-12-22 03:49 - 000201000 _____ C:\WINDOWS\system32\eIdKsp.dll
2022-12-22 03:49 - 2022-12-22 03:49 - 000179496 _____ C:\WINDOWS\SysWOW64\eIdKsp.dll
2022-12-21 09:48 - 2023-01-17 16:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-20 11:31 - 2017-02-15 09:21 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-01-20 11:22 - 2020-07-22 14:03 - 000000000 ____D C:\Users\TUN\.ditec
2023-01-20 11:20 - 2022-02-11 01:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-20 11:20 - 2021-07-26 09:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-20 11:19 - 2017-05-18 11:43 - 000000000 ____D C:\Program Files\CCleaner
2023-01-20 11:19 - 2017-02-14 22:49 - 000000000 ____D C:\Users\TUN\AppData\LocalLow\Mozilla
2023-01-20 11:18 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-01-20 11:16 - 2021-06-17 10:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-19 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-18 15:20 - 2022-12-01 13:29 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-18 15:20 - 2022-09-23 10:02 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-18 15:20 - 2021-06-17 10:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-18 09:47 - 2021-07-26 09:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-18 09:47 - 2021-07-26 09:47 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-17 16:08 - 2022-08-04 09:59 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-01-17 16:08 - 2022-08-04 09:58 - 000000000 ____D C:\ProgramData\Avast Software
2023-01-17 16:07 - 2021-06-17 10:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-17 16:07 - 2021-06-17 10:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-17 16:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-17 16:07 - 2017-02-14 22:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-17 16:06 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-17 16:06 - 2017-08-08 13:08 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-01-17 16:03 - 2021-12-12 10:28 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-998356723-4003974587-366902119-1002
2023-01-17 16:03 - 2021-06-17 10:52 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-998356723-4003974587-366902119-1002
2023-01-17 16:03 - 2021-06-17 10:19 - 000002380 _____ C:\Users\TUN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-17 16:01 - 2019-06-14 07:03 - 000000000 ____D C:\Program Files (x86)\EAC MW klient
2023-01-17 15:52 - 2021-10-15 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-17 15:51 - 2017-02-14 22:48 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-17 15:44 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-01-17 15:41 - 2021-06-17 10:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-17 15:40 - 2022-11-10 13:06 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-17 15:40 - 2022-11-10 13:06 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-16 16:05 - 2022-10-11 12:12 - 000000000 ____D C:\Users\TUN\AppData\Roaming\com.adobe.dunamis
2023-01-16 15:38 - 2021-06-17 10:19 - 000000000 ____D C:\Users\TUN
2023-01-16 15:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-16 15:10 - 2021-06-17 10:52 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-16 15:10 - 2021-06-17 10:52 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Huso
Návštěvník
Návštěvník
Příspěvky: 166
Registrován: 18 lis 2007 19:00

Re: Spomaleny NTB

#2 Příspěvek od Huso »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2023
Ran by TUN (20-01-2023 11:34:34)
Running from C:\Users\TUN\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1526 (X64) (2021-06-17 09:54:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-998356723-4003974587-366902119-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-998356723-4003974587-366902119-503 - Limited - Disabled)
Guest (S-1-5-21-998356723-4003974587-366902119-501 - Limited - Disabled)
TUN (S-1-5-21-998356723-4003974587-366902119-1002 - Administrator - Enabled) => C:\Users\TUN
WDAGUtilityAccount (S-1-5-21-998356723-4003974587-366902119-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (HKLM\...\{5ECC60F4-1AFE-98F5-9F72-EDEA9C4291AE}) (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 22.003.20310 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{60AA5051-1690-890B-954C-7E18398FCF32}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
Balík softvéru eID (HKLM-x32\...\{27fcb623-2a19-4570-ab03-96077bc85e1d}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Balík softvéru eID (HKLM-x32\...\{ada2b0d4-ff66-4697-86d1-676a81f20d74}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
D.Launcher (x86) (HKLM-x32\...\{7049B3B3-B26F-4DE2-AB71-4C4DE47E159C}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Launcher 2 (x86) (HKLM-x32\...\{9C05E0C2-2689-459A-86CF-4BFB51737354}) (Version: 2.0.0.3 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{7DAE90FC-2F2E-4FF9-BF20-2CD6EF34C834}) (Version: 4.0.28 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{C9C76970-B431-44DA-BEAD-6BA2133D9AFA}) (Version: 4.0.20 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{9aff0f49-24cb-4702-8f41-098ffff286a2}) (Version: 1.1.3 - DITEC, a.s.)
D.Updater (x86) (HKLM-x32\...\{77384069-C793-48D2-94E9-8CDA12651BE1}) (Version: 1.0.3 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{A14B7D66-4322-414B-BEE2-5580D5A4F0EC}) (Version: 4.0.2036 - DITEC, a.s.)
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
eID Klient (HKLM-x32\...\{A91845DF-EBB2-4918-9453-DE4D873E7B54}) (Version: 4.4.0 - MV SR)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Kamo (HKLM-x32\...\Kamo) (Version: 4.4.643.1202 - Piriform)
Kaspersky Internet Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14827.20192 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\OneDriveSetup.exe) (Version: 22.253.1204.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 108.0.2 (x64 en-US)) (Version: 108.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden
QSign-eSigner 2.1.0 (HKLM\...\9789-9647-2423-4659) (Version: 2.1.0 - Ardaco, a.s.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.116 - Qualcomm Atheros)
Qualcomm Atheros 61x4 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.067 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.46 (30.10.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(07.09.2016) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2017-02-17] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-28] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.211.900.0_x64__kgqvnymyfvs32 [2022-02-15] (king.com)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-06-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-02-09] (Microsoft Studios) [MS Ad]
Portál konta Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-09-25] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0 [2022-02-09] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-26] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998356723-4003974587-366902119-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-998356723-4003974587-366902119-1002_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-11-21] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-03-19 14:12 - 2018-03-19 14:12 - 000113678 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libgcc_s_dw2-1.dll
2018-03-19 14:12 - 2018-03-19 14:12 - 001542158 _____ () [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libstdc++-6.dll
2022-12-22 03:38 - 2022-12-22 03:38 - 004277248 _____ () [File not signed] C:\Program Files (x86)\eID_klient\botan_x86.dll
2022-12-22 03:42 - 2022-12-22 03:42 - 000151552 _____ () [File not signed] C:\Program Files (x86)\eID_klient\openjpeg.dll
2017-02-17 11:09 - 2016-09-22 07:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2016-06-30 18:12 - 2016-06-30 18:12 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2014-09-08 12:38 - 2014-09-08 12:38 - 000051200 _____ () [File not signed] C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2017-02-17 11:10 - 2016-09-22 07:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2017-02-17 11:10 - 2016-09-22 07:06 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\MSVCR71.dll
2021-06-17 10:23 - 2021-06-17 10:23 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2021-06-17 10:23 - 2021-06-17 10:23 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2021-06-17 10:23 - 2021-06-17 10:23 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2018-03-19 14:12 - 2018-03-19 14:12 - 000047104 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\libwinpthread-1.dll
2017-02-17 11:10 - 2016-09-22 07:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll
2016-07-26 11:57 - 2016-07-26 11:57 - 000123904 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\CDAKEYMonitor64.dll
2021-03-08 15:03 - 2021-03-08 15:03 - 002579968 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\eID_klient\libcrypto-1_1.dll
2022-12-22 03:42 - 2022-12-22 03:42 - 000535552 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\eID_klient\libssl-1_1.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-30 18:12 - 2016-06-30 18:12 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-07-01 13:51 - 2019-07-01 13:51 - 006623384 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Ditec\DLauncher\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> DefaultScope {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2018-09-17 08:22 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-11-18 12:24 - 2019-11-18 12:24 - 000000447 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\eID_klient\
HKU\S-1-5-21-998356723-4003974587-366902119-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\TUN\Pictures\Saved Pictures\P1010067.JPG
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6CEAB5D1-7167-4F9D-8125-A0636B64AF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7A1BC88-F4FC-47E3-86EB-528C6ECB0283}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9056841C-98AE-4D38-A18A-D1F0470339D8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{4598BC7D-2000-4D83-B602-AF9A902E8C78}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{C716ECBB-9DE0-421F-86E7-BB03EED82CEA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{E46E97FA-EEEB-49B7-A749-F8D52E639E61}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{7AF615D7-2B72-4D4D-AE29-7AFDEEAD4D95}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{77B3574C-4F98-4656-B6E8-98E2E6912D6F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{5C82ACBB-6DA0-4FE5-BC5E-D122EBB30488}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{1AE48EB7-BBCD-4943-9C05-58C41CF93FEE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{3FA5B82F-D48D-4F04-ADD3-85F7B2E4E6AE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{2EE3E8C2-BA0B-4687-B5E2-E974FBE7536B}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A6565B47-5C40-478A-8809-B0EEE1FCF45C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FD8AB2C5-07F6-4EC5-9CF8-50FDCC7A0779}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{05EDD130-7E4F-4EC8-9A3A-50D0DE0A3AF1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{68B1B9DC-03DF-4EA5-88F2-4D26FB2D7A31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{399FBFAE-883F-41C7-B243-B8DC48F0075C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3D59DA8-6D31-40E7-A6A9-BEC9BDEAC3FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FEB1F6F-D18D-48B9-A0E4-1B137615CFF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E570E4BA-F2CC-42A6-84BE-B6EF60DC627D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FCC015D-3CB8-4C14-A575-E14CEC18BC19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E803749-FDB7-4083-BFE1-AF4D8E62A502}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA3547FD-1033-46EA-A76B-96B2B58A95B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C24582F8-3695-4068-8F89-5553C062ACDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D5CAC20-3791-4B21-88C7-0BC8E7427DB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7E9318B-2EB8-492F-B5C7-F894B876AD51}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61E5C4AF-6EF3-42BB-BDAC-F8D0A89CAD3D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB3DCD5E-9644-4EFF-AD7E-D2F7C9160D21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ECC9607B-D576-49CE-8E2F-43F6337296C1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F734CEC-D84D-4B7F-8A3D-A8B34F84A6CC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-12-2022 10:06:37 Scheduled Checkpoint
16-01-2023 16:34:27 Scheduled Checkpoint
17-01-2023 15:22:59 Nainštalované eID Klient
17-01-2023 15:57:01 Nainštalované eID Klient

==================== Faulty Device Manager Devices ============

Name: Qualcomm Atheros QCA61x4 Bluetooth 4.1
Description: Qualcomm Atheros QCA61x4 Bluetooth 4.1
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/20/2023 11:22:18 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/19/2023 11:03:42 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/18/2023 09:46:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/17/2023 04:03:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Acrobat.exe, version: 22.3.20310.0, time stamp: 0x63a67749
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x0000000000063416
Faulting process id: 0x24ec
Faulting application start time: 0x01d92a845ba8a692
Faulting application path: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a3375b83-0cf8-413c-ac68-e2f31bc65749
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:53:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x00000000000a1fe7
Faulting process id: 0x2b7c
Faulting application start time: 0x01d92a836b9a064d
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 268a20ed-2c20-4f5e-a02c-33b90b9fe06c
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:52:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x00000000000a1fe7
Faulting process id: 0x2e34
Faulting application start time: 0x01d92a83412021fd
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: ce7f6ebf-e34e-48e6-acfc-f1848725ea2a
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:52:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x00000000000a1fe7
Faulting process id: 0x28d8
Faulting application start time: 0x01d92a83356809f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 846eb919-ec77-4562-b95a-99e23b0224bf
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:52:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff6a0856860
Faulting process id: 0x1418
Faulting application start time: 0x01d92a83392d8637
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: unknown
Report Id: a43bb707-56ac-4c0c-aa0d-b5700923e449
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (01/19/2023 11:00:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-BQMJHIIJ)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (01/17/2023 04:19:39 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The System Guard Runtime Monitor Broker service hung on starting.

Error: (01/17/2023 04:17:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (01/17/2023 04:08:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LenovoVantageService service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (01/17/2023 04:08:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the LenovoVantageService service to connect.

Error: (01/17/2023 04:07:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The amdacpksd service failed to start due to the following error:
The system cannot find the file specified.

Error: (01/17/2023 04:06:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.

Error: (01/17/2023 03:55:06 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.


Windows Defender:
================
Date: 2023-01-19 11:13:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-21 12:05:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-21 09:54:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-02 12:18:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-01 13:32:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2022-09-19 15:11:16
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2022-11-29 10:25:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-29 10:25:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-08-10 11:32:11
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-07-26 09:51:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\Amsi\amsi_plugin64.dll.49118a84273c1aaa86f63a0266cc3c2b that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO A4CN40WW (V 2.09) 08/24/2015
Motherboard: LENOVO Lancer 5B3
Processor: AMD FX-7500 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 65%
Total physical RAM: 7098.61 MB
Available physical RAM: 2480.91 MB
Total Virtual: 15034.61 MB
Available Virtual: 9087.9 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.95 GB) (Free:755.04 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.17 GB) (Model: ST1000LM024 HN-M101MBB) NTFS

\\?\Volume{8be844a2-c0cb-420a-9c37-3a48dc133b69}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{c02ce649-f568-44d9-831c-1f6fe2135c34}\ (LENOVO_PART) (Fixed) (Total:19.34 GB) (Free:5.8 GB) NTFS
\\?\Volume{faab03ad-026d-41c4-8ebe-869afead6dc9}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8B8F2142)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Spomaleny NTB

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Huso
Návštěvník
Návštěvník
Příspěvky: 166
Registrován: 18 lis 2007 19:00

Re: Spomaleny NTB

#4 Příspěvek od Huso »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-20-2023
# Duration: 00:00:03
# OS: Windows 10 (Build 19044.1526)
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted Preinstalled.SamsungEasyDocumentCreator Folder C:\Program Files (x86)\SAMSUNG\EASY DOCUMENT CREATOR
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Samsung Easy Document Creator
Deleted Preinstalled.SamsungEasyDocumentCreator Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6889 octets] - [20/01/2023 11:59:39]
AdwCleaner[C00].txt - [1609 octets] - [20/01/2023 12:42:06]
AdwCleaner[S01].txt - [6992 octets] - [20/01/2023 13:20:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Spomaleny NTB

#5 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Huso
Návštěvník
Návštěvník
Příspěvky: 166
Registrován: 18 lis 2007 19:00

Re: Spomaleny NTB

#6 Příspěvek od Huso »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2023
Ran by TUN (administrator) on LAPTOP-BQMJHIIJ (LENOVO 80EC) (20-01-2023 14:05:15)
Running from C:\Users\TUN\Desktop
Loaded Profiles: TUN
Platform: Microsoft Windows 10 Home Version 21H2 19044.1526 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe
(services.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files (x86)\Kamo\KamoSvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [eID_Client] => C:\Program Files (x86)\eID_klient\eID_Client.exe [25272616 2022-12-22] (Ministerstvo vnútra Slovenskej republiky -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [43520 2017-07-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\EPSON SX430 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMHAE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\WINDOWS\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CD9A9D0-316F-4DAF-A14D-330F52644A2E} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {109D4F03-C751-4FFA-A012-53B03F7CCE01} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {138E6920-CD76-4007-8435-0455CA72C72C} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829384 2015-09-25] (LENOVO -> )
Task: {14E7AA29-9437-41CE-BD80-0C3BE8B55975} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {191CE7FF-5FDD-435A-B85A-9084414AEA97} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {2455E285-1638-49E6-8A31-5C7B5D12FE7C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1174504 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {25123C60-AB18-454A-8D7F-4E670B7D902C} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {2EA345B4-1FF0-4EDC-AAB9-FDCE056F04B4} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {3467A930-5C77-4835-BA81-4DFB7C00CE75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {34EB3D31-F864-4227-8A18-1AEDC16E552A} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {39995968-DB95-4DFE-9538-7AE8CF12CDAF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {422FCEEA-C4C9-430C-85D1-97AC2F8ADD22} - System32\Tasks\DUpdaterTask => C:\Program Files (x86)\Ditec\DUpdater\DUpdater.exe [4176216 2022-10-25] (DITEC, a.s. -> DITEC, a.s.)
Task: {42FBD828-B3A9-4883-B8CF-F12C814989A3} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {45BC2E64-3902-4EF5-9839-3AB08849E57C} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808392 2015-09-25] (LENOVO -> )
Task: {47EC9751-455E-49FF-9635-C697620C292D} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {4D834708-27E7-48D3-A6AD-95082EDB3BE9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4FC7CF6B-7DB0-40DF-95B9-A454C872DEBF} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4646480 2022-12-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid da587009-7f3f-4569-85db-04a2043dfb63
Task: {51AA90CA-91EF-4A86-B079-D3B181347222} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {5D8055A6-8E21-49E3-8B2E-42CA5FA2B64A} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {5D906446-7110-4556-A5DF-1B9601C1526A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {665C85DE-3C40-4A39-A16F-3757C7C7D96D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AFA5C68-4B03-4CC4-8137-ED80F2C3C86E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fd31ac14-2c81-4514-a110-ed33e20642c7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {747FF23E-652D-488E-BF09-0BB499AFB6F8} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {789DC1FE-1197-4A81-ADEC-341B5EE1C4D1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e3fb34f1-dc8c-449a-a031-3940a0b5a1c1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {87483BBF-8021-4DCC-A8F9-4B0D6FFAF99C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {8820330C-0530-4FF0-96E5-C35BA83C396C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {8A0615ED-EC44-461C-BBB9-ECA595909549} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2022-11-22] (Avast Software s.r.o. -> Avast Software)
Task: {8B29C761-BB6B-4F5E-A140-D6908057FBF8} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {93BDBD64-B551-4B37-BEE2-3028BD75FD31} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BFE3EEA-B2A4-42AB-8B2D-ECA719019307} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {9EEDFC6F-842F-41A9-A5A2-2E4E28D07AA7} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-02-14] (LENOVO -> Lenovo)
Task: {B38C9FC6-8FF4-4D51-B99F-8A99851C9815} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [51080 2016-11-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B6E197C4-0ED6-4643-AC84-83FF5F11140E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {B7BCDF0E-2163-42BB-9CCC-D2494B8200E2} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C4EA2763-25DC-4F66-9E40-419A078089F7} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {C9C7D903-3D36-4C7B-82AF-F17EF54863A5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "06838840-a863-4e36-a998-148e0c580e26" --version "6.08.10255" --silent
Task: {CB569C61-3E8E-4159-AB28-F71F149061A1} - System32\Tasks\CCleanerSkipUAC - TUN => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D63A7CB1-F3C7-4ADB-BDD6-7874CDCFFDC3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\98eeb6cc-a761-4cf7-8bb1-47c700f4ca06 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D8104975-0FDF-4193-8F04-50A51439CB71} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECB7C3E9-DF15-4777-8726-B2BF4306E96C} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1209424 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {EE3A2665-BF49-41E5-B0DF-C2CD95E0A345} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ddad81d5-a168-4725-a641-3b8ed8c8fe3a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {EE64C43F-1F8C-4615-80A7-DB147860E0D3} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {F80222DD-6423-4C32-95CA-73DAC33E4EDB} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {F88BB5BB-5D62-46FB-85CB-B9FDC8CB8A5C} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe [909024 2022-09-19] (Piriform Software Ltd -> Piriform)
Task: {F89BEF52-8D89-4181-8C8F-FC86CCE2110C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{1099cb62-484b-44d3-8345-3e8db3502c3d}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{f2327ab5-02dd-4cc5-8b7a-08591c1ca410}: [DhcpNameServer] 192.168.1.1 195.146.128.62

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\TUN\AppData\Local\Microsoft\Edge\User Data\Default [2022-10-27]

FireFox:
========
FF DefaultProfile: 4hkb7ulv.default-1511791122423
FF ProfilePath: C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\4hkb7ulv.default-1511791122423 [2023-01-20]
FF Extension: (D.Bridge 2) - C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\4hkb7ulv.default-1511791122423\Extensions\mozext@sk.ditec.dbridge2.xpi [2022-09-20]
FF Extension: (Disig Web Signer 1.0.7) - C:\Users\TUN\AppData\Roaming\Mozilla\Firefox\Profiles\4hkb7ulv.default-1511791122423\Extensions\websigner.1.0.7.selfdist@disig.sk.xpi [2019-12-05]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-05-20]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2022-08-15] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecNMc -> C:\PROGRA~2\Ditec\DLAUNC~2\NPDITE~1.DLL [2022-05-06] (DITEC, a.s. -> DITEC, a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2022-07-18] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2022-11-22] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2022-11-22] (DITEC, a.s. -> Ditec,a.s.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-05-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-05-20] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default [2022-08-10]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Google Docs Offline) - C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-04]
CHR Extension: (Kaspersky Protection 18.0) - C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2021-07-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TUN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-26]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] (Advanced Micro Devices, Inc. -> )
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-07] (Advanced Micro Devices) [File not signed]
R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\avp.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
S2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 KamoSvc; C:\Program Files (x86)\Kamo\KamoSvc.exe [6099168 2022-09-19] (Piriform Software Ltd -> Piriform Software Ltd)
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\vssbridge64.exe [424080 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE2.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe [354672 2017-01-24] (Kaspersky Lab -> AO Kaspersky Lab)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8891160 2023-01-20] (Malwarebytes Inc. -> Malwarebytes)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9461328 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [65944 2022-08-04] (Avast Software s.r.o. -> Avast Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-27] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-09-27] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (Kaspersky Lab -> AO Kaspersky Lab)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [119904 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [85704 2018-07-20] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2018-10-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [207560 2018-05-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys [256312 2021-07-26] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1059152 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57032 2018-05-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [57056 2016-12-23] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [58592 2016-12-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50672 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45768 2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-04-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309104 2021-04-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115744 2021-04-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [224880 2021-06-09] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [93888 2018-05-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [140928 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-12-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-01-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197088 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [76216 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-01-20] (Malwarebytes Inc. -> Malwarebytes)
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [114104 2022-09-19] (Piriform Software Ltd -> Windows (R) Win 7 DDK provider)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2377344 2018-11-13] (WDKTestCert gxia,130717419938108635 -> Qualcomm Atheros, Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S2 amdacpksd; \??\C:\WINDOWS\system32\drivers\amdacpksd.sys [X]
S3 MpKsl42f3b808; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [X]
S3 MpKsl5ece1806; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [X]
S3 MpKsl7db3ac7e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [X]
S3 MpKsl7df1af65; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [X]
S3 MpKslb92a8b69; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [X]
S3 MpKsld7f1ad7d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F0AF988-F4DE-4731-BE9E-A5E00100C3A7}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-20 14:05 - 2023-01-20 14:05 - 000000000 ____D C:\Users\TUN\Desktop\FRST-OlderVersion
2023-01-20 14:01 - 2023-01-20 14:01 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-01-20 14:01 - 2023-01-20 14:01 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-01-20 14:01 - 2023-01-20 14:01 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-01-20 14:01 - 2023-01-20 14:01 - 000000000 ____D C:\Users\TUN\AppData\LocalLow\IGDump
2023-01-20 13:56 - 2023-01-20 13:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-01-20 13:56 - 2023-01-20 13:56 - 000000000 ____D C:\Program Files\Malwarebytes
2023-01-20 12:16 - 2023-01-20 12:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-01-20 11:58 - 2023-01-20 12:42 - 000000000 ____D C:\AdwCleaner
2023-01-20 11:56 - 2023-01-20 11:56 - 008791352 _____ (Malwarebytes) C:\Users\TUN\Desktop\AdwCleaner.exe
2023-01-20 11:34 - 2023-01-20 11:49 - 000050539 _____ C:\Users\TUN\Desktop\Addition.txt
2023-01-20 11:28 - 2023-01-20 14:07 - 000032699 _____ C:\Users\TUN\Desktop\FRST.txt
2023-01-20 11:27 - 2023-01-20 14:06 - 000000000 ____D C:\FRST
2023-01-20 11:24 - 2023-01-20 14:05 - 002376704 _____ (Farbar) C:\Users\TUN\Desktop\FRST64.exe
2023-01-17 16:31 - 2023-01-17 16:31 - 000143308 _____ C:\Users\TUN\Downloads\Object20230116192700732_1.pdf
2023-01-17 16:29 - 2023-01-17 16:29 - 000128970 _____ C:\Users\TUN\Downloads\Object20230105180819842_1.pdf
2023-01-17 16:28 - 2023-01-17 16:28 - 000300079 _____ C:\Users\TUN\Downloads\Priloha_0216585822_12735271.pdf
2023-01-17 16:26 - 2023-01-17 16:26 - 000145833 _____ C:\Users\TUN\Downloads\Object20221129142931807_1.pdf
2023-01-17 16:26 - 2023-01-17 16:26 - 000129543 _____ C:\Users\TUN\Downloads\Object20221205163238213_1.pdf
2023-01-17 16:25 - 2023-01-17 16:25 - 000141120 _____ C:\Users\TUN\Downloads\Object20221129142923204_1-1.pdf
2023-01-17 16:23 - 2023-01-17 16:23 - 000141120 _____ C:\Users\TUN\Downloads\Object20221129142923204_1.pdf
2023-01-17 16:22 - 2023-01-17 16:22 - 000141085 _____ C:\Users\TUN\Downloads\Object20221129142923955_1.pdf
2023-01-17 16:02 - 2023-01-17 16:14 - 000000000 ____D C:\Users\TUN\AppData\Local\eID_klient
2023-01-17 16:02 - 2023-01-17 16:02 - 000000000 ____D C:\ProgramData\eID_klient
2023-01-17 16:01 - 2023-01-17 16:01 - 000001983 _____ C:\Users\Public\Desktop\eID Klient.lnk
2023-01-17 16:01 - 2023-01-17 16:01 - 000000000 ____D C:\Users\TUN\AppData\Roaming\eID_klient
2023-01-17 16:01 - 2023-01-17 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eID Klient
2023-01-17 16:01 - 2023-01-17 16:01 - 000000000 ____D C:\Program Files (x86)\eID_klient
2022-12-22 03:49 - 2022-12-22 03:49 - 000201000 _____ C:\WINDOWS\system32\eIdKsp.dll
2022-12-22 03:49 - 2022-12-22 03:49 - 000179496 _____ C:\WINDOWS\SysWOW64\eIdKsp.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-01-20 14:03 - 2021-07-26 09:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-20 14:00 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-01-20 13:56 - 2021-06-17 10:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-20 13:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-20 13:24 - 2022-02-11 01:20 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-20 13:23 - 2017-02-15 09:21 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2023-01-20 13:23 - 2017-02-14 22:49 - 000000000 ____D C:\Users\TUN\AppData\LocalLow\Mozilla
2023-01-20 13:22 - 2022-08-04 09:59 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-01-20 13:22 - 2018-09-25 07:49 - 000000000 ____D C:\Program Files (x86)\Samsung
2023-01-20 12:51 - 2021-10-15 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-20 12:50 - 2017-02-14 22:48 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-20 12:50 - 2017-02-14 22:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-20 11:22 - 2020-07-22 14:03 - 000000000 ____D C:\Users\TUN\.ditec
2023-01-20 11:19 - 2017-05-18 11:43 - 000000000 ____D C:\Program Files\CCleaner
2023-01-20 11:18 - 2019-12-07 10:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-01-18 15:20 - 2022-12-01 13:29 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-18 15:20 - 2022-09-23 10:02 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-18 15:20 - 2021-06-17 10:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-18 09:47 - 2021-07-26 09:47 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-18 09:47 - 2021-07-26 09:47 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-01-17 16:08 - 2022-08-04 09:58 - 000000000 ____D C:\ProgramData\Avast Software
2023-01-17 16:07 - 2021-06-17 10:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-17 16:07 - 2021-06-17 10:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-17 16:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-17 16:06 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-17 16:06 - 2017-08-08 13:08 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-01-17 16:03 - 2021-12-12 10:28 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-998356723-4003974587-366902119-1002
2023-01-17 16:03 - 2021-06-17 10:52 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-998356723-4003974587-366902119-1002
2023-01-17 16:03 - 2021-06-17 10:19 - 000002380 _____ C:\Users\TUN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-17 16:01 - 2019-06-14 07:03 - 000000000 ____D C:\Program Files (x86)\EAC MW klient
2023-01-17 15:44 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-01-17 15:41 - 2021-06-17 10:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-01-17 15:40 - 2022-11-10 13:06 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-01-17 15:40 - 2022-11-10 13:06 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-01-16 16:05 - 2022-10-11 12:12 - 000000000 ____D C:\Users\TUN\AppData\Roaming\com.adobe.dunamis
2023-01-16 15:38 - 2021-06-17 10:19 - 000000000 ____D C:\Users\TUN
2023-01-16 15:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-16 15:10 - 2021-06-17 10:52 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-16 15:10 - 2021-06-17 10:52 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-01-2023
Ran by TUN (20-01-2023 14:08:17)
Running from C:\Users\TUN\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1526 (X64) (2021-06-17 09:54:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-998356723-4003974587-366902119-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-998356723-4003974587-366902119-503 - Limited - Disabled)
Guest (S-1-5-21-998356723-4003974587-366902119-501 - Limited - Disabled)
TUN (S-1-5-21-998356723-4003974587-366902119-1002 - Administrator - Enabled) => C:\Users\TUN
WDAGUtilityAccount (S-1-5-21-998356723-4003974587-366902119-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (HKLM\...\{5ECC60F4-1AFE-98F5-9F72-EDEA9C4291AE}) (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 22.003.20310 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1897, 26.06.2017 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{60AA5051-1690-890B-954C-7E18398FCF32}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.)
Autodesk DWG TrueView 2016 - English (HKLM\...\DWG TrueView 2016 - English) (Version: 20.1.49.0 - Autodesk)
Balík softvéru eID (HKLM-x32\...\{27fcb623-2a19-4570-ab03-96077bc85e1d}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Balík softvéru eID (HKLM-x32\...\{ada2b0d4-ff66-4697-86d1-676a81f20d74}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.08 - Piriform)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
D.Launcher (x86) (HKLM-x32\...\{7049B3B3-B26F-4DE2-AB71-4C4DE47E159C}) (Version: 1.2.0.2 - DITEC, a.s.)
D.Launcher 2 (x86) (HKLM-x32\...\{9C05E0C2-2689-459A-86CF-4BFB51737354}) (Version: 2.0.0.3 - DITEC, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi (x86) (HKLM-x32\...\{7DAE90FC-2F2E-4FF9-BF20-2CD6EF34C834}) (Version: 4.0.28 - DITEC, a.s.)
D.Signer/XAdES .NET Tools (x86) (HKLM-x32\...\{C9C76970-B431-44DA-BEAD-6BA2133D9AFA}) (Version: 4.0.20 - DITEC, a.s.)
D.Suite/eIDAS (x86) (HKLM-x32\...\{9aff0f49-24cb-4702-8f41-098ffff286a2}) (Version: 1.1.3 - DITEC, a.s.)
D.Updater (x86) (HKLM-x32\...\{77384069-C793-48D2-94E9-8CDA12651BE1}) (Version: 1.0.3 - DITEC, a.s.)
D.Viewer .NET (x86) (HKLM-x32\...\{A14B7D66-4322-414B-BEE2-5580D5A4F0EC}) (Version: 4.0.2036 - DITEC, a.s.)
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
eID Klient (HKLM-x32\...\{A91845DF-EBB2-4918-9453-DE4D873E7B54}) (Version: 4.4.0 - MV SR)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Kamo (HKLM-x32\...\Kamo) (Version: 4.4.643.1202 - Piriform)
Kaspersky Internet Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F33C0717-8E04-4EB5-90C8-47221287DB4F}) (Version: 18.0.0.405 - Kaspersky Lab)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.20.230 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.20.230 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14827.20192 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-998356723-4003974587-366902119-1002\...\OneDriveSetup.exe) (Version: 22.253.1204.0001 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (HKLM\...\{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (HKLM\...\{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM-x32\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM-x32\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 109.0 (x64 en-US)) (Version: 109.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden
QSign-eSigner 2.1.0 (HKLM\...\9789-9647-2423-4659) (Version: 2.1.0 - Ardaco, a.s.)
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.116 - Qualcomm Atheros)
Qualcomm Atheros 61x4 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.067 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.06.00.08(07.09.2016) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.07.2017) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.18 - Samsung Electronics Co., Ltd.) Hidden
SetIP (HKLM-x32\...\SetIP) (Version: 1.05.08.00 - Samsung Electronics Co., Ltd.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2017-02-17] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-28] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.211.900.0_x64__kgqvnymyfvs32 [2022-02-15] (king.com)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-06-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-02-09] (Microsoft Studios) [MS Ad]
Portál konta Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2018-09-25] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0 [2022-02-09] (Spotify AB) [Startup Task]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-26] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-998356723-4003974587-366902119-1002_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-998356723-4003974587-366902119-1002_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-11-21] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\ShellEx.dll [2018-10-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-01-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-02-17 11:09 - 2016-09-22 07:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2017-02-17 11:10 - 2016-09-22 07:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2017-02-17 11:10 - 2016-09-22 07:06 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\MSVCR71.dll
2021-06-17 10:23 - 2021-06-17 10:23 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2021-06-17 10:23 - 2021-06-17 10:23 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2021-06-17 10:23 - 2021-06-17 10:23 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2017-02-17 11:10 - 2016-09-22 07:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> DefaultScope {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-09-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\x64\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\IEExt\ie_plugin.dll [2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2018-09-17 08:22 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-11-18 12:24 - 2019-11-18 12:24 - 000000447 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\eID_klient\
HKU\S-1-5-21-998356723-4003974587-366902119-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\TUN\Pictures\Saved Pictures\P1010067.JPG
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6CEAB5D1-7167-4F9D-8125-A0636B64AF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E7A1BC88-F4FC-47E3-86EB-528C6ECB0283}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9056841C-98AE-4D38-A18A-D1F0470339D8}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{4598BC7D-2000-4D83-B602-AF9A902E8C78}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{C716ECBB-9DE0-421F-86E7-BB03EED82CEA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{E46E97FA-EEEB-49B7-A749-F8D52E639E61}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{7AF615D7-2B72-4D4D-AE29-7AFDEEAD4D95}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{77B3574C-4F98-4656-B6E8-98E2E6912D6F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{5C82ACBB-6DA0-4FE5-BC5E-D122EBB30488}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe (Samsung Electronics Co., Ltd.) [File not signed]
FirewallRules: [{1AE48EB7-BBCD-4943-9C05-58C41CF93FEE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe (ScanProcess) [File not signed]
FirewallRules: [{3FA5B82F-D48D-4F04-ADD3-85F7B2E4E6AE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe (Scan2PCNotify) [File not signed]
FirewallRules: [{2EE3E8C2-BA0B-4687-B5E2-E974FBE7536B}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A6565B47-5C40-478A-8809-B0EEE1FCF45C}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FD8AB2C5-07F6-4EC5-9CF8-50FDCC7A0779}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{05EDD130-7E4F-4EC8-9A3A-50D0DE0A3AF1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{68B1B9DC-03DF-4EA5-88F2-4D26FB2D7A31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{399FBFAE-883F-41C7-B243-B8DC48F0075C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3D59DA8-6D31-40E7-A6A9-BEC9BDEAC3FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FEB1F6F-D18D-48B9-A0E4-1B137615CFF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E570E4BA-F2CC-42A6-84BE-B6EF60DC627D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9FCC015D-3CB8-4C14-A575-E14CEC18BC19}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E803749-FDB7-4083-BFE1-AF4D8E62A502}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA3547FD-1033-46EA-A76B-96B2B58A95B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.178.765.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C24582F8-3695-4068-8F89-5553C062ACDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7D5CAC20-3791-4B21-88C7-0BC8E7427DB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7E9318B-2EB8-492F-B5C7-F894B876AD51}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{61E5C4AF-6EF3-42BB-BDAC-F8D0A89CAD3D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB3DCD5E-9644-4EFF-AD7E-D2F7C9160D21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ECC9607B-D576-49CE-8E2F-43F6337296C1}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F734CEC-D84D-4B7F-8A3D-A8B34F84A6CC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-12-2022 10:06:37 Scheduled Checkpoint
16-01-2023 16:34:27 Scheduled Checkpoint
17-01-2023 15:22:59 Nainštalované eID Klient
17-01-2023 15:57:01 Nainštalované eID Klient
20-01-2023 13:21:43 AdwCleaner_BeforeCleaning_20/01/2023_13:21:42

==================== Faulty Device Manager Devices ============

Name: Qualcomm Atheros QCA61x4 Bluetooth 4.1
Description: Qualcomm Atheros QCA61x4 Bluetooth 4.1
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/20/2023 11:22:18 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/19/2023 11:03:42 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/18/2023 09:46:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/17/2023 04:03:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Acrobat.exe, version: 22.3.20310.0, time stamp: 0x63a67749
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x0000000000063416
Faulting process id: 0x24ec
Faulting application start time: 0x01d92a845ba8a692
Faulting application path: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a3375b83-0cf8-413c-ac68-e2f31bc65749
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:53:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x00000000000a1fe7
Faulting process id: 0x2b7c
Faulting application start time: 0x01d92a836b9a064d
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 268a20ed-2c20-4f5e-a02c-33b90b9fe06c
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:52:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x00000000000a1fe7
Faulting process id: 0x2e34
Faulting application start time: 0x01d92a83412021fd
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: ce7f6ebf-e34e-48e6-acfc-f1848725ea2a
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:52:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: ntdll.dll, version: 10.0.19041.1466, time stamp: 0xe2f8ca76
Exception code: 0xc0000005
Fault offset: 0x00000000000a1fe7
Faulting process id: 0x28d8
Faulting application start time: 0x01d92a83356809f1
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 846eb919-ec77-4562-b95a-99e23b0224bf
Faulting package full name:
Faulting package-relative application ID:

Error: (01/17/2023 03:52:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 108.0.2.8404, time stamp: 0x63b5c077
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00007ff6a0856860
Faulting process id: 0x1418
Faulting application start time: 0x01d92a83392d8637
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Faulting module path: unknown
Report Id: a43bb707-56ac-4c0c-aa0d-b5700923e449
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (01/20/2023 01:22:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Kamo Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/20/2023 01:22:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast SecureLine VPN service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (01/20/2023 01:22:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Služba Microsoft Office Klikni a spusti service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (01/20/2023 01:22:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Služba Kaspersky Secure Connection 2.0.0 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/20/2023 12:42:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LenovoVantageService service terminated unexpectedly. It has done this 1 time(s).

Error: (01/20/2023 12:42:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Kamo Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (01/20/2023 12:42:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Služba Kaspersky Secure Connection 2.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/20/2023 12:42:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The System Interface Foundation Service service terminated unexpectedly. It has done this 1 time(s).


Windows Defender:
================
Date: 2023-01-20 11:39:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-01-19 11:13:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-21 12:05:10
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-21 09:54:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-02 12:18:37
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2022-09-19 15:11:16
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2022-08-25 09:31:18
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.359.295.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18900.3
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2023-01-20 14:01:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-29 10:25:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-29 10:25:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-08-10 11:32:11
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: LENOVO A4CN40WW (V 2.09) 08/24/2015
Motherboard: LENOVO Lancer 5B3
Processor: AMD FX-7500 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 59%
Total physical RAM: 7098.61 MB
Available physical RAM: 2889.96 MB
Total Virtual: 15034.61 MB
Available Virtual: 10196.42 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.95 GB) (Free:752.19 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.17 GB) (Model: ST1000LM024 HN-M101MBB) NTFS

\\?\Volume{8be844a2-c0cb-420a-9c37-3a48dc133b69}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{c02ce649-f568-44d9-831c-1f6fe2135c34}\ (LENOVO_PART) (Fixed) (Total:19.34 GB) (Free:5.8 GB) NTFS
\\?\Volume{faab03ad-026d-41c4-8ebe-869afead6dc9}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8B8F2142)

Partition: GPT.

==================== End of Addition.txt ====================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Spomaleny NTB

#7 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {87483BBF-8021-4DCC-A8F9-4B0D6FFAF99C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {B6E197C4-0ED6-4643-AC84-83FF5F11140E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {C4EA2763-25DC-4F66-9E40-419A078089F7} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-05-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-05-20] <==== ATTENTION
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> DefaultScope {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
FirewallRules: [{FD8AB2C5-07F6-4EC5-9CF8-50FDCC7A0779}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{05EDD130-7E4F-4EC8-9A3A-50D0DE0A3AF1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Huso
Návštěvník
Návštěvník
Příspěvky: 166
Registrován: 18 lis 2007 19:00

Re: Spomaleny NTB

#8 Příspěvek od Huso »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-01-2023
Ran by TUN (23-01-2023 09:43:26) Run:1
Running from C:\Users\TUN\Desktop
Loaded Profiles: TUN
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {87483BBF-8021-4DCC-A8F9-4B0D6FFAF99C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {B6E197C4-0ED6-4643-AC84-83FF5F11140E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-07-26] (Google Inc -> Google LLC)
Task: {C4EA2763-25DC-4F66-9E40-419A078089F7} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-05-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-05-20] <==== ATTENTION
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> DefaultScope {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
SearchScopes: HKU\S-1-5-21-998356723-4003974587-366902119-1002 -> {6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} URL =
FirewallRules: [{FD8AB2C5-07F6-4EC5-9CF8-50FDCC7A0779}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File
FirewallRules: [{05EDD130-7E4F-4EC8-9A3A-50D0DE0A3AF1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87483BBF-8021-4DCC-A8F9-4B0D6FFAF99C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87483BBF-8021-4DCC-A8F9-4B0D6FFAF99C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6E197C4-0ED6-4643-AC84-83FF5F11140E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E197C4-0ED6-4643-AC84-83FF5F11140E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4EA2763-25DC-4F66-9E40-419A078089F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4EA2763-25DC-4F66-9E40-419A078089F7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\rempl\shell-usoscan" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
"HKU\S-1-5-21-998356723-4003974587-366902119-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-998356723-4003974587-366902119-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6BAF1700-CC8B-4FC3-BAF0-4A23A59085C9} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD8AB2C5-07F6-4EC5-9CF8-50FDCC7A0779}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05EDD130-7E4F-4EC8-9A3A-50D0DE0A3AF1}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 96399324 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 7921700 B
Edge => 56832 B
Chrome => 9320318 B
Firefox => 1125678162 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 70652 B
NetworkService => 326395014 B
TUN => 572846600 B

RecycleBin => 30191467 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:52:54 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Spomaleny NTB

#9 Příspěvek od Rudy »

Smazáno. Změnilo se něco k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Huso
Návštěvník
Návštěvník
Příspěvky: 166
Registrován: 18 lis 2007 19:00

Re: Spomaleny NTB

#10 Příspěvek od Huso »

Ano, je to podstatne lepsie...Je treba este nieco urobit?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Spomaleny NTB

#11 Příspěvek od Rudy »

Ještě je možné sefragmentovat disk. Ale nemusíte, pokud jste s rychlostí spokojen.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Huso
Návštěvník
Návštěvník
Příspěvky: 166
Registrován: 18 lis 2007 19:00

Re: Spomaleny NTB

#12 Příspěvek od Huso »

OK. Velmi pekne dakujem!! :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Spomaleny NTB

#13 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno