
ipfs.io keeps nagging in AVAST.

Posted: 24 Feb 2023 18:00
by David2012
Does anyone have experience with the ipfs.io alert in Avast, please? How dangerous is it, and how can it be removed?



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2023
Ran by david (administrator) on DESKTOP-33BMKLN (LENOVO 20T8000MCK) (24-02-2023 17:52:54)
Running from C:\Users\david\Downloads
Loaded Profiles: david
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1265 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (Advanced Micro Devices Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngineProcess.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.49\msedgewebview2.exe <6>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\msedgewebview2.exe <6>
(C:\Users\david\AppData\Local\0install.net\implementations\sha256new_JCCQDCLOYQPYCEPZF325EEMUOXSHGMIFC42HMBHVLBFPWCTZ75KA\DeepL.exe ->) (The CefSharp Authors) [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5>
(C:\Users\david\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\david\AppData\Local\Programs\Opera\95.0.4635.37\opera_crashreporter.exe
(C:\Users\david\Downloads\FRST64.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2210.5.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PING.EXE
(DeepL SE -> DeepL SE) C:\Users\david\AppData\Local\0install.net\implementations\sha256new_JCCQDCLOYQPYCEPZF325EEMUOXSHGMIFC42HMBHVLBFPWCTZ75KA\DeepL.exe
(Discord Inc. -> Discord Inc.) C:\Users\david\AppData\Local\Discord\app-1.0.9011\Discord.exe <6>
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~4.INF\DAX3API.exe
(DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN1541~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN1541~1.INF\driver\tposd.exe
(DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\atieclxx.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <76>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(explorer.exe ->) (SatoshiLabs, s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Opera Norway AS -> Opera Software) C:\Users\david\AppData\Local\Programs\Opera\opera.exe <39>
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdlogsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bbb0597391852f64\RtkAudUService64.exe <3>
(services.exe ->) (Shenzhen Goodix Technology Co., Ltd. -> Goodix) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.16.10262.0_x64__8wekyb3d8bbwe\OpenConsole.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsTerminal_1.16.10262.0_x64__8wekyb3d8bbwe\WindowsTerminal.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2212.32.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [219032 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\Installer\setup.exe [4083104 2023-02-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2629504 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [Discord] => C:\Users\david\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [Opera Browser Assistant] => C:\Users\david\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3916232 2022-12-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [LenovoVantageToolbar] => C:\ProgramData\Lenovo\Vantage\Addins\LenovoBatteryGaugeAddin\1.0.0.62\x64\QSHelper.exe [108832 2023-01-04] (Lenovo -> Lenovo Group Ltd.)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [MicrosoftEdgeAutoLaunch_30FCCE2722F4190AAE310221237BB02B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Run: [AvastBrowserAutoLaunch_11B78FCBE112467C4B96E3A1DD89C487] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.177\Installer\chrmstp.exe [2023-02-22] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\Installer\chrmstp.exe [2023-02-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-02-27]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2022-06-18]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\david\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {083C88CC-4AA8-4B79-B5CE-03182A524A4D} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4191128 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {13634E96-AB06-4E18-AA87-F2A8A8D5DAEF} - System32\Tasks\Opera scheduled assistant Autoupdate 1619876587 => C:\Users\david\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\david\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {15C932B4-A62E-454C-9344-3E6B3E6BD0EF} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3281388561-3768802976-1092351426-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4191128 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A831A22-AAA1-4C96-8CEE-5EAA96200682} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {1F66FE0B-E387-488F-AA25-5FC6292E8C98} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {349C515E-DC6C-48FB-B11D-1F4A7CDF9D27} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {3FC92972-366F-47E3-B9C4-9F397E35900B} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {4A9EAB31-2EB0-4746-B081-9160F2AF8B7A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\af38654e-59e3-44c6-b0a1-bdf061478bcb => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {502586D8-B873-4CE9-A44A-CD322A6B13F3} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {55279B4A-7572-4A15-817F-10A5BA2DB88E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5A6248F0-DEDD-45D6-A0E9-C01D8F29DC59} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fdf33755-dad5-40eb-b71e-79e9007f1fb6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5C7F5FC1-D693-4CB6-BA92-A4E74969095B} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90832 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
Task: {6020AB7F-CFEC-480C-B58B-D930DFF3F22B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {6EBF9D12-2DB3-4CD8-A4B4-2333DE8F9C95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-10] (Google LLC -> Google LLC)
Task: {7716818B-1EDC-45F2-9ADB-BF69FC69E35B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (No File)
Task: {79C86E68-F4B9-40D3-A26C-B1A4A964BFCC} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {7B3691C3-C3EF-4A3C-9E42-B21C74BB6438} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {823A0742-9E16-4A9B-90B4-93232800594A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {85B1ADB4-CE2C-4E13-B49C-22DEA35F5BC6} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {87C27346-9DE7-47F7-9FC1-053CA0B862A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-10] (Google LLC -> Google LLC)
Task: {967F9F73-91DD-492D-B485-9297EE82D303} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (No File)
Task: {A7A7288C-C075-428B-BE07-F43901C9537B} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {AA3C7C49-4758-45BD-A0F2-3371D92CC966} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [710560 2023-02-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {ABE0A74E-3BF2-4313-A19A-D1E722E890EB} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [661408 2023-02-03] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {AD0E2488-0D3D-44CB-8E47-DEFD5C50DB83} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {B9F44538-A70B-49B7-BC0C-A316EFB7FD56} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [186568 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
Task: {BD72102D-D753-430D-ADF7-E909A454F175} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE7A9201-2CDF-4F11-9917-7FAB8E56268B} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bbb0597391852f64\RtkAudUService64.exe [3495904 2022-05-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CB4A7E19-885A-421D-9C25-5B77B7A8FB3F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168920 2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CD4201B3-7541-4B92-AB1B-148540214266} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {D625C769-7EE6-447F-8825-3AB2AF6F2C83} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3442200 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {D6D27CF2-7DD7-490F-83E4-BD2A93758025} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-02-16] (Avast Software s.r.o. -> Avast Software)
Task: {D8DF72C8-7EE5-42E5-87F5-D755383F11F5} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DA39A14D-D946-4680-BF98-A3372A4058E3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DB8250BA-FFE3-4406-AEA7-2747A00AC044} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFDA188D-7618-4E4B-A0F6-CA20F79F0B90} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {EB3C657D-FF6F-4FB5-8112-F4F5457D7A85} - System32\Tasks\Opera scheduled Autoupdate 1619876583 => C:\Users\david\AppData\Local\Programs\Opera\launcher.exe [2635208 2023-02-15] (Opera Norway AS -> Opera Software)
Task: {EC2AB8F6-FEE7-4145-8558-FEB3000D96E2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0cc3d3e3-f829-418d-ab07-c1231bda7d2c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F003956C-3449-41D6-901D-1B542FFFF832} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F337DE39-3F21-42F3-ADCF-27773243D30C} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4867992 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
Task: {F6E20DB6-7937-4969-8281-48929B6D5F6B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144264 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8464EBF-3FB6-4236-8983-FF742FA9811A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7adfb55d-330b-4403-9a87-ce47aa6f2a16 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{9bf49c9e-bc3d-4518-9f8d-f5bfeda68eac}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{AE4417C4-ABC4-4ED2-95B8-68EABA0A4BAB}: [NameServer] 10.0.0.1 8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-24]
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Math Wallet) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\afbcbjpbpfadlkmhmclhkeeodmamcflc [2022-10-24]
Edge Extension: (SSHGate ssh client and terminal emulator) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akjclknoaegmfejdhkncppnmjemkohdg [2022-10-24]
Edge Extension: (Yoroi) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akoiaibnepcedcplijmiamnaigbepmcb [2023-02-15]
Edge Extension: (MetaMask) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejbalbakoplchlghecdalmeeeajnimhm [2023-02-24]
Edge Extension: (Talisman - Polkadot Wallet) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fijngjgcjhjmmpcmkeiomlglpeiijkld [2023-02-11]
Edge Extension: (polkadot{.js} extension) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-12]
Edge Extension: (IPFS Companion) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nibjojkomfdiaoajekhjakgkdhaomnch [2023-02-24]
Edge Extension: (MetaMask) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-02-24]

FireFox:
========
FF DefaultProfile: c5nmaa40.default
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\c5nmaa40.default [2022-06-26]
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\msko3mo7.default-release [2023-02-17]
FF Extension: (polkadot extension) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\msko3mo7.default-release\Extensions\{7e3ce1f0-15fb-4fb1-99c6-25774749ec6d}.xpi [2022-06-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\david\AppData\Local\Google\Chrome\User Data\Default [2023-02-24]
CHR Notifications: Default -> hxxps://captchacoolnow.top; hxxps://twitter.com; hxxps://www.distrelec.cz; hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Math Wallet) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbcbjpbpfadlkmhmclhkeeodmamcflc [2022-10-20]
CHR Extension: (SSHGate ssh client and terminal emulator) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjclknoaegmfejdhkncppnmjemkohdg [2022-10-20]
CHR Extension: (Easy Viewer) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\anjoggeimnldigfcihcggejncophmhjc [2021-02-10]
CHR Extension: (Yoroi) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2023-02-14]
CHR Extension: (Talisman - Polkadot Wallet) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijngjgcjhjmmpcmkeiomlglpeiijkld [2023-02-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-14]
CHR Extension: (Hola VPN - The Website Unblocker) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2023-02-22]
CHR Extension: (Ubiquiti Device Discovery Tool) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpigflbjeapnknladcfphgkemopofig [2021-02-10]
CHR Extension: (Parallel wallet) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbkgjmpfammbgejcpedggoefddacbdia [2022-12-05]
CHR Extension: (polkadot{.js} extension) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\mopnmbcafieddcagagdcbnhejhlodfdd [2022-06-18]
CHR Extension: (IPFS Companion) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nibjojkomfdiaoajekhjakgkdhaomnch [2023-02-23]
CHR Extension: (MetaMask) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (NACL Web Plug-in) - C:\Users\david\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdcmagkbhnjpjlnpibbmggikpedpilc [2021-02-10]
CHR Profile: C:\Users\david\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-15]

Opera:
=======
OPR Profile: C:\Users\david\AppData\Roaming\Opera Software\Opera Stable [2023-02-24]
OPR Notifications: Opera Stable -> hxxps://www.youtube.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-03]
OPR Extension: (Opera Coupons | kupóny a slevové kódy) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\eplcjggklbefnipglcfdfalbbjpmkbkl [2023-02-15]
OPR Extension: (Opera Wallet) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-02-15]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-21]
OPR Extension: (Amazon Assistant for Opera) - C:\Users\david\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2022-01-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8603544 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576408 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [575896 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\110.0.20215.104\elevation_service.exe [1824504 2023-02-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-02-16] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12554240 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_41de6367ef0679f0\DAX3API.exe [2305576 2021-12-08] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncHelper.exe [3486640 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [437680 2022-01-24] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmsvc.exe [850936 2022-11-24] (Lenovo -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LITSSvc.exe [1260488 2023-01-17] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\LPlatSvc.exe [906232 2022-11-24] (Lenovo -> Lenovo)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.033.0212.0001\OneDriveUpdaterService.exe [3867032 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249328 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15162168 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_1d42bae7afe02228\driver\TPHKLOAD.exe [492280 2022-12-06] (Lenovo -> Lenovo Group Limited)
R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72912 2022-11-17] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137600 2023-02-15] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376010.inf_amd64_6f43fa43bfd061b1\B375210\amdkmdag.sys [80559984 2022-01-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31392 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [231800 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391264 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297848 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95928 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-02-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39600 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [268448 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556080 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105216 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80392 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852016 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [696016 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319016 2023-02-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-22] (Microsoft Windows -> Microsoft Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-10-20] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-10-20] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\ibmpmdrv.sys [53240 2022-11-24] (Lenovo -> Lenovo)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_02d728b29c6492d3\x64\pmdrvs.sys [38904 2022-11-24] (Lenovo -> Lenovo)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-07] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-07] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-24 17:32 - 2023-02-24 17:34 - 000056310 _____ C:\Users\david\Downloads\Addition.txt
2023-02-24 17:31 - 2023-02-24 17:53 - 000043298 _____ C:\Users\david\Downloads\FRST.txt
2023-02-24 17:31 - 2023-02-24 17:53 - 000000000 ____D C:\FRST
2023-02-24 17:30 - 2023-02-24 17:30 - 002378752 _____ (Farbar) C:\Users\david\Downloads\FRST64.exe
2023-02-23 11:57 - 2023-02-23 11:57 - 003811999 _____ C:\Users\david\Downloads\Skener_20230223 (2).pdf
2023-02-21 08:39 - 2023-01-17 09:42 - 001260488 _____ (Lenovo.) C:\WINDOWS\system32\LITSSvc.exe
2023-02-20 18:50 - 2023-02-20 18:50 - 000063672 _____ C:\Users\david\Downloads\Vyúčtování ze smlouvy číslo 0053362419.pdf
2023-02-20 13:47 - 2023-02-20 14:27 - 733990912 _____ C:\Users\david\Downloads\Dabelsky vas 1968 DVDRip XviD czdub.avi
2023-02-19 14:01 - 2023-02-19 14:01 - 000692356 _____ C:\WINDOWS\system32\perfh005.dat
2023-02-19 14:01 - 2023-02-19 14:01 - 000143226 _____ C:\WINDOWS\system32\perfc005.dat
2023-02-19 13:55 - 2023-02-19 13:55 - 000000000 ___HD C:\avast! sandbox
2023-02-16 08:04 - 2023-02-20 18:35 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-02-16 08:04 - 2023-02-20 18:35 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-02-16 08:03 - 2023-02-16 08:03 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2023-02-16 08:03 - 2023-02-16 08:03 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2023-02-16 08:02 - 2023-02-16 08:04 - 000000000 ____D C:\Users\david\AppData\Local\Avast Software
2023-02-16 08:02 - 2023-02-16 08:02 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2023-02-16 08:02 - 2023-02-16 08:02 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2023-02-16 08:02 - 2023-02-16 08:02 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2023-02-16 08:01 - 2023-02-16 08:01 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2023-02-16 08:01 - 2023-02-16 08:01 - 000002159 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2023-02-16 08:01 - 2023-02-16 08:01 - 000000000 ____D C:\Users\david\AppData\Roaming\Avast Software
2023-02-16 08:00 - 2023-02-24 09:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-02-16 08:00 - 2023-02-23 07:49 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-02-16 08:00 - 2023-02-16 08:00 - 000288664 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-02-16 08:00 - 2023-02-16 08:00 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-02-16 07:59 - 2023-02-19 13:54 - 000000000 ____D C:\ProgramData\Avast Software
2023-02-16 07:59 - 2023-02-16 07:59 - 000000000 ____D C:\Program Files\Avast Software
2023-02-16 07:58 - 2023-02-16 07:58 - 000263000 _____ (AVAST Software) C:\Users\david\Downloads\avast_free_antivirus_setup_online.exe
2023-02-15 18:50 - 2023-02-15 18:50 - 000000000 ___HD C:\$WinREAgent
2023-02-11 11:16 - 2023-02-11 12:45 - 1651495010 _____ C:\Users\david\Downloads\Občan Kane - Citizen Kane CZ tit.avi
2023-02-06 12:33 - 2023-02-06 12:33 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_hidtelephony_02_15_00.Wdf
2023-02-05 08:40 - 2023-02-05 09:34 - 1003412581 _____ C:\Users\david\Downloads\Born to Be Bad (1934)[ktrip].mkv
2023-02-05 00:31 - 2023-02-05 08:03 - 787065153 _____ C:\Users\david\Downloads\It's a Wonderful World 1939.mp4
2023-02-03 20:06 - 2023-02-04 10:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-01 13:15 - 2023-02-01 13:15 - 001243519 _____ C:\Users\david\Downloads\Technické podklady Nuvola 3 Comfort, Nuvola 3 B40_
2023-02-01 13:03 - 2023-02-01 13:03 - 004288634 _____ C:\Users\david\Downloads\pt32gst-cz-v1203-2020.indd.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-02-24 17:54 - 2021-08-15 13:56 - 000000000 ____D C:\Users\david\AppData\Local\Discord
2023-02-24 17:49 - 2021-08-15 13:56 - 000000000 ____D C:\Users\david\AppData\Roaming\discord
2023-02-24 17:27 - 2021-02-10 11:41 - 000000000 ____D C:\Users\david\AppData\Local\D3DSCache
2023-02-24 17:05 - 2021-02-10 12:04 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-24 16:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-02-24 16:47 - 2022-10-20 09:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-24 16:47 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-02-24 13:06 - 2021-03-18 08:32 - 000000000 ____D C:\Users\david\AppData\LocalLow\Mozilla
2023-02-24 12:02 - 2020-12-20 02:39 - 000000000 ____D C:\ProgramData\Goodix
2023-02-24 10:39 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-24 10:39 - 2021-02-10 11:41 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2023-02-24 10:38 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-24 09:35 - 2022-10-20 09:57 - 000003768 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1619876587
2023-02-24 09:35 - 2022-10-20 09:57 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-24 09:35 - 2022-10-20 09:57 - 000003514 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1619876583
2023-02-24 09:35 - 2022-10-20 09:57 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-02-24 09:35 - 2022-10-20 09:57 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-24 09:35 - 2022-10-20 09:57 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-02-24 09:35 - 2022-10-20 09:57 - 000003070 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3281388561-3768802976-1092351426-1001
2023-02-24 09:35 - 2022-10-20 09:57 - 000002716 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-02-24 09:35 - 2022-10-20 09:57 - 000002452 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2023-02-23 18:59 - 2020-12-20 02:35 - 000000000 ____D C:\Program Files\Microsoft Office
2023-02-23 15:07 - 2021-09-13 18:42 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-02-23 15:07 - 2021-02-10 12:40 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-23 15:07 - 2021-02-10 11:42 - 000000000 ___RD C:\Users\david\OneDrive
2023-02-22 21:05 - 2021-02-10 12:04 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-22 21:05 - 2021-02-10 12:04 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-02-21 16:28 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2023-02-21 08:39 - 2022-03-16 22:19 - 000000000 ____D C:\WINDOWS\system32\icmsg
2023-02-21 08:39 - 2020-12-20 02:40 - 000000000 ____D C:\WINDOWS\TempInst
2023-02-20 17:03 - 2021-05-01 14:43 - 000001416 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-02-19 19:52 - 2020-12-20 02:34 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-19 19:52 - 2020-12-20 02:34 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-02-19 14:01 - 2022-10-20 10:02 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-19 13:54 - 2022-10-20 09:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-19 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-19 13:54 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-19 13:54 - 2021-02-10 12:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-02-19 13:54 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2023-02-19 13:53 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-16 08:00 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-16 03:01 - 2022-10-20 09:52 - 000471152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-16 03:00 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-16 03:00 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 19:00 - 2021-02-14 10:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 18:58 - 2021-02-14 06:58 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 18:53 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 18:52 - 2022-10-20 09:54 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 07:26 - 2020-05-06 19:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-07 02:44 - 2022-10-20 09:53 - 000000000 ____D C:\Users\david
2023-02-04 10:09 - 2022-10-20 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-02-04 10:09 - 2022-06-26 14:06 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-04 10:09 - 2022-06-26 14:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-01-31 22:58 - 2021-12-03 10:07 - 000000000 ____D C:\Users\david\AppData\Roaming\Ledger Live
2023-01-31 22:51 - 2021-12-03 10:07 - 000000000 ____D C:\Program Files\Ledger Live
2023-01-27 09:34 - 2021-02-10 13:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-25 13:19 - 2021-02-27 13:19 - 000000000 ____D C:\Users\david\AppData\Roaming\TREZOR Bridge

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2023
Ran by david (24-02-2023 17:32:57)
Running from C:\Users\david\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.1265 (X64) (2022-10-20 08:57:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3281388561-3768802976-1092351426-500 - Administrator - Disabled)
david (S-1-5-21-3281388561-3768802976-1092351426-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-3281388561-3768802976-1092351426-503 - Limited - Disabled)
Guest (S-1-5-21-3281388561-3768802976-1092351426-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3281388561-3768802976-1092351426-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.1.6049 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 110.0.20215.104 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
balenaEtcher 1.7.8 (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.7.8 - Balena Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1090 - AB Team, d.o.o.)
DeepL (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - )
Discord (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Exodus (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\exodus) (Version: 21.4.12 - Exodus Movement Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.177 - Google LLC)
IPFS Desktop 0.20.4 (HKLM\...\033dffdc-028b-55d6-9442-9e386fe5b76e) (Version: 0.20.4 - Protocol Labs, Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Ledger Live 2.52.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.52.0 - Ledger Live Team)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.16026.20200 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.50 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.033.0212.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.26.28720 (HKLM-x32\...\{7d607fb4-7e28-4c7a-a92f-3fcdaf555faf}) (Version: 14.26.28720.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.26.28720 (HKLM\...\{CB4A0FDE-1126-4AE2-97C6-A243692C3D95}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.26.28720 (HKLM\...\{DD1EC0FD-3F0A-4740-A05E-1DCD14A6B0D1}) (Version: 14.26.28720 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 109.0.1 (x64 cs)) (Version: 109.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 95.0.4635.46 (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\Opera 95.0.4635.46) (Version: 95.0.4635.46 - Opera Software)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Telegram Desktop version 3.7.3 (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC)
Trezor Suite 23.1.1 (HKLM\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 23.1.1 - SatoshiLabs)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Wasabi Wallet (HKLM\...\{FFC1B29A-A111-47CF-BEF6-9A26DB0BF959}) (Version: 1.1.12.5 - zkSNACKs)
Zoom (HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\...\ZoomUMX) (Version: 5.8.3 (1581) - Zoom Video Communications, Inc.)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-04-05] (Advanced Micro Devices Inc.) [Startup Task]
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-17] (Microsoft Corp.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.30201.210.0_x64__rz1tebttyb220 [2022-10-20] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-11] (Microsoft Corporation)
ELAN Touchpad for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadforThinkpad_24.121.15.0_x64__stws0m115j6hg [2023-01-24] (ELAN Microelectronics Corporation)
ELAN TrackPoint for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTrackPointforThinkpa_24.121.18.0_x64__stws0m115j6hg [2023-01-24] (ELAN Microelectronics Corporation)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_9.28.496.0_x64__17mer8kcn3j54 [2023-01-27] (Mirametrix Inc.) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-21] (LENOVO INC.)
ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.16.0_x64__8wekyb3d8bbwe [2023-02-02] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-10-22] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-25] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-20] (Microsoft Corporation)
ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-01-13] (ms-resource:ProductPublisherDisplayName)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2023-01-24] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3281388561-3768802976-1092351426-1001_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\david\AppData\Local\0install.net\implementations\sha256new_JCCQDCLOYQPYCEPZF325EEMUOXSHGMIFC42HMBHVLBFPWCTZ75KA\DeepL.exe (DeepL SE -> DeepL SE)
CustomCLSID: HKU\S-1-5-21-3281388561-3768802976-1092351426-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.033.0212.0001\FileSyncShell64.dll [2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-16] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Easy Viewer.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=anjoggeimnldigfcihcggejncophmhjc
ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\NACL Web Plug-in.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=pbdcmagkbhnjpjlnpibbmggikpedpilc
ShortcutWithArgument: C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Ubiquiti Device Discovery Tool.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hmpigflbjeapnknladcfphgkemopofig

==================== Loaded Modules (Whitelisted) =============

2022-11-21 16:40 - 2022-08-21 02:44 - 001160192 _____ () [File not signed] [File is in use] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 000438784 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\amdlinkremoteserver.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 000017920 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libEGL.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 003567616 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\libGLESv2.dll
2022-04-05 07:14 - 2022-04-05 07:16 - 000258560 _____ () [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\WirelessVR-windesktop64.dll
2022-11-21 16:40 - 2022-08-19 08:38 - 175591424 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2022-11-21 16:40 - 2022-08-19 07:11 - 000442880 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2022-11-21 16:41 - 2022-08-19 07:10 - 006480384 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2022-11-21 16:41 - 2022-08-19 07:07 - 004077568 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2022-11-21 16:40 - 2022-08-19 07:10 - 000828928 _____ () [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2022-04-05 07:14 - 2022-04-05 07:14 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\D3DCompiler_47.dll
2020-12-20 02:35 - 2020-12-20 02:35 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-12-20 02:35 - 2020-12-20 02:35 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-11-21 16:41 - 2022-08-19 07:16 - 001231872 _____ (The Chromium Authors) [File not signed] C:\Users\david\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qgif.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qicns.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qico.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qjpeg.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qsvg.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qtga.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwbmp.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\imageformats\qwebp.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\platforms\qwindows.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\sqldrivers\qsqlite.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\plugins\styles\qwindowsvistastyle.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Core.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Gui.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Multimedia.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5MultimediaQuick.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Network.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Positioning.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Qml.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlModels.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QmlWorkerScript.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Quick.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickControls2.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5QuickTemplates2.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Sql.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Svg.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngine.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebEngineCore.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WebChannel.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Widgets.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5WinExtras.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5Xml.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\Qt5XmlPatterns.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtMultimedia\declarative_multimedia.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQml\qmlplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick.2\qtquick2plugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Controls\qtquickcontrolsplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Dialogs\dialogplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Layouts\qquicklayoutsplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtQuick\Window.2\windowplugin.dll
2022-04-05 07:14 - 2022-04-05 07:15 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.30024.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3281388561-3768802976-1092351426-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Lenovo\ThinkPadwallpaper.jpg
DNS Servers: 10.0.0.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{FEC95784-14AA-40B2-B346-7BD54A0C5D2C}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [TCP Query User{BAA48C16-AF9C-41CC-8A84-6B64EE2F2CBB}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [{ABF5B404-8B57-46D2-AAC1-4905C4080785}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F02A5808-E877-4B4E-B184-F884DB3B14C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F22AB076-832F-4120-98AA-49110C1AB7FD}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [TCP Query User{83DC78F7-5164-4C5D-8DB6-5A74A6DE2CB2}C:\program files\trezor suite\trezor suite.exe] => (Allow) C:\program files\trezor suite\trezor suite.exe (SatoshiLabs, s.r.o. -> SatoshiLabs)
FirewallRules: [UDP Query User{7139D722-3E94-4FA1-9F4E-771BFEED8165}C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe] => (Allow) C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe (Protocol Labs, Inc. -> )
FirewallRules: [TCP Query User{89DF982A-A285-4D45-9EA1-98022D7CD018}C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe] => (Allow) C:\program files\ipfs desktop\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe (Protocol Labs, Inc. -> )
FirewallRules: [UDP Query User{7915EC1E-1418-4269-B73F-2B58BB7EDF64}C:\program files\ipfs desktop\ipfs desktop.exe] => (Allow) C:\program files\ipfs desktop\ipfs desktop.exe (Protocol Labs, Inc. -> Protocol Labs, Inc.)
FirewallRules: [TCP Query User{F0960D98-C8A4-4C94-B946-1AA01F6CFD45}C:\program files\ipfs desktop\ipfs desktop.exe] => (Allow) C:\program files\ipfs desktop\ipfs desktop.exe (Protocol Labs, Inc. -> Protocol Labs, Inc.)
FirewallRules: [{E47874DC-2144-4D66-A80E-5F557B7A03E5}] => (Allow) C:\Users\david\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{948D3F2A-4FC2-48CC-9A5B-AAEF44F08CE6}] => (Allow) C:\Users\david\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{11F58DBB-32EA-421F-8F9D-09CFD618E14D}] => (Allow) C:\Users\david\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{F7D621F6-7FB6-4E06-9B0B-35831BF120B9}C:\users\david\downloads\winbox64.exe] => (Allow) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{9573DA98-4CC7-4E4E-B591-964B28906403}C:\users\david\downloads\winbox64.exe] => (Allow) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{6122D9AD-295A-43FC-8636-2309CB0B033C}C:\users\david\downloads\winbox64.exe] => (Block) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{3C0E31B6-112B-434E-8377-2D2E9F19F96B}C:\users\david\downloads\winbox64.exe] => (Block) C:\users\david\downloads\winbox64.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{5A72C00B-8A80-478F-AC61-434208D8724F}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{3F262DE1-76DF-472E-931C-DA20DF9191DF}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{C64BF34A-3A7F-4581-BC60-0E0C097FD462}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [UDP Query User{D161BC17-CD6B-4246-B622-B7765C1A7AE1}C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\77.0.4054.203\opera.exe => No File
FirewallRules: [TCP Query User{5BB08B27-F70B-40A2-89CC-994BF384E689}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{515A0591-471B-4667-BB27-A13B3B244457}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [TCP Query User{B3D7B456-9CFF-45B2-A670-8AC075C006CE}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [UDP Query User{24190330-D28B-4B76-AF28-D71A8CDA5C55}C:\brnonet\winbox64 (1).exe] => (Allow) C:\brnonet\winbox64 (1).exe => No File
FirewallRules: [{5D859CF9-DD65-42EA-855D-41D532BA3451}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1DA55E18-C0E7-441A-808D-0F14B2AF5ADF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{157D8C22-25CA-4D1F-AF6E-E9D25AF1731A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{167B6D33-4055-4BE2-BA1E-4F7C8BD52C32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{C2C17240-ACC4-4CD5-BBC6-77176D7BE231}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{7F83B5AF-AB9B-4E66-A337-965EE74EEC02}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{339B7D4D-227C-4E7C-B0E9-EE4B713E8CE2}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{916EAE12-AA6A-40A3-AED5-CBC186848EF9}C:\users\david\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\david\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{CC8894AB-1F99-4F2A-AAB1-C65295AEDC01}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe] => (Allow) C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{3B6E3764-37B0-472F-9E92-A61598B6A9B7}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe] => (Allow) C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{83F2D6A4-47B7-4B4F-AB41-82AA0B5802D9}C:\users\david\downloads\winbox64 (1).exe] => (Allow) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{535AED30-E051-4967-8BD6-37D573BC19DF}C:\users\david\downloads\winbox64 (1).exe] => (Allow) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [{77AD6658-1C50-4C1C-94A6-D9519D9077D9}] => (Block) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [{64878B04-A49A-4542-BA96-D4E123E0FDEE}] => (Block) C:\users\david\downloads\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [TCP Query User{28EA61FE-CB57-4128-9002-DEF324A202BA}C:\brnonet\mikrotik\winbox64 (1).exe] => (Allow) C:\brnonet\mikrotik\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{8BF893C8-3F17-48DF-A861-A472CD44D0B9}C:\brnonet\mikrotik\winbox64 (1).exe] => (Allow) C:\brnonet\mikrotik\winbox64 (1).exe (Mikrotikls SIA -> )
FirewallRules: [{203BF5B0-EC55-4A3E-8996-8E078398CE89}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{151068B6-CB76-49D0-9504-CD82A9E649BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DD7BDDF7-E8F1-43D9-BD36-ADF0FEA82509}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2DD8500B-DA08-42BC-A2ED-3D3F39897AED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9F74F04E-1DF2-4A4B-AAEC-8D63912C23B0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{E62BBB40-20E3-4E64-8779-ABCC4A6DA7C0}C:\users\david\downloads\winbox64 (2).exe] => (Allow) C:\users\david\downloads\winbox64 (2).exe => No File
FirewallRules: [UDP Query User{E584F9AD-2C33-48C4-AA69-0AA8843CD5A7}C:\users\david\downloads\winbox64 (2).exe] => (Allow) C:\users\david\downloads\winbox64 (2).exe => No File
FirewallRules: [TCP Query User{4BDDC0DD-ABD1-42EE-8383-EE086AB98191}C:\brnonet\winbox64 (2).exe] => (Allow) C:\brnonet\winbox64 (2).exe (Mikrotikls SIA -> )
FirewallRules: [UDP Query User{C96A415A-18E7-4BB3-AB98-6B691050BED2}C:\brnonet\winbox64 (2).exe] => (Allow) C:\brnonet\winbox64 (2).exe (Mikrotikls SIA -> )
FirewallRules: [{59ED960C-4695-4988-AD63-70FD54594AF9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{700E3109-0D91-4AEC-BA3E-135F2A681556}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{704625DB-DF6D-4FD3-AACE-561B43E2C539}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CA000886-AD32-4089-AD9C-2B28D3DCB1A5}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D2057F4E-1FE5-4EA0-9427-CCF0556701EC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{073687F5-1C8E-4D55-A6D9-F19C24F61DC6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6609170-5EDC-4958-B0AF-0C1D0FA6F19C}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8FF1297C-C105-40DC-B363-96EDB12298D9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3E7377C7-2671-4F6B-84F9-38386D845E07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C6A590E-C0AC-4955-8EB6-51A853CF565E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBE4778C-BA25-4927-AAFF-85DE4B6B03CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{848B354F-251F-471D-A462-E82A7BC142B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

24-02-2023 11:02:15 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/23/2023 06:59:13 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-33BMKLN)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.

Error: (02/20/2023 07:47:59 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_WbioSrvc, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: ntdll.dll, verze: 10.0.22621.900, časové razítko: 0xa97a9ed6
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a2f1a
ID chybujícího procesu: 0x0x6318
Čas spuštění chybující aplikace: 0x0x1d944c9a850e5ba
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f927ac11-0595-4534-8e36-f1e2b52a1eb9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/14/2023 05:37:59 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-33BMKLN)
Description: Název chybující aplikace: chrome.exe, verze: 109.0.5414.120, časové razítko: 0x63ced377
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.963, časové razítko: 0x766ca8ae
Kód výjimky: 0xe0000008
Posun chyby: 0x00000000000906bc
ID chybujícího procesu: 0x0x3e74
Čas spuštění chybující aplikace: 0x0x1d93a95e8d55830
Cesta k chybující aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 40ad33e9-5c78-4402-9e00-205cea3af3dd
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2023 06:25:59 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x5d9c
Čas spuštění chybující aplikace: 0x0x1d93d7466ac5697
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: 1f5824bb-9239-44e7-a8cb-b12127ed6e1f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2023 03:58:34 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x36ac
Čas spuštění chybující aplikace: 0x0x1d93cfb65387dcc
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: 15cd4275-84fb-418e-b3ee-e7a064243b28
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2023 12:17:40 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-33BMKLN)
Description: Název chybující aplikace: msteamsupdate.exe, verze: 23002.403.1788.1930, časové razítko: 0x63b90624
Název chybujícího modulu: msteamsupdate.exe, verze: 23002.403.1788.1930, časové razítko: 0x63b90624
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000feaed
ID chybujícího procesu: 0x0x9a0
Čas spuštění chybující aplikace: 0x0x1d93b4a5f11dc15
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteamsupdate.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe\msteamsupdate.exe
ID zprávy: b0a37f07-8799-4421-be88-96c4afd09cfc
Úplný název chybujícího balíčku: MicrosoftTeams_23002.403.1788.1930_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: msteamsupdate

Error: (02/02/2023 02:32:46 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x590c
Čas spuštění chybující aplikace: 0x0x1d936a5feaf533f
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: 5ac4e1a1-1ff4-4cae-86fc-9349693c95ac
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/22/2023 03:14:31 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: frameserver.dll, verze: 10.0.22621.1105, časové razítko: 0x2525bcb3
Kód výjimky: 0xc00d4e24
Posun chyby: 0x000000000008326a
ID chybujícího procesu: 0x0x19b4
Čas spuštění chybující aplikace: 0x0x1d92e0731dea83e
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\frameserver.dll
ID zprávy: cad92b57-62f5-4772-a68c-bba85d979775
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/24/2023 10:39:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/23/2023 06:58:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (02/23/2023 11:15:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (02/22/2023 03:49:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (02/21/2023 04:30:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (02/20/2023 07:48:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Biometrická služba systému Windows byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2023 01:54:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMD Crash Defender Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/19/2023 01:54:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AMD Crash Defender Service bylo dosaženo časového limitu (45000 ms).


Windows Defender:
================
Date: 2023-02-15 07:38:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4840786C-2BE5-4DC3-83BE-F49859153F1B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-13 10:06:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {69925481-ED42-4422-AF8B-6091E0910766}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-12 14:23:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5525ABCD-3C2D-4BF8-91FA-0C5A18F875C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-11 10:21:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {59CF7546-8928-416F-9471-CBED7CCABE40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-10 15:36:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {99E83A67-4D6F-4922-B98B-B25DDCCFC35E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-02-24 17:01:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-02-24 13:19:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO R1AET33W (1.09 ) 10/26/2020
Motherboard: LENOVO 20T8000MCK
Processor: AMD Ryzen 5 4500U with Radeon Graphics
Percentage of memory in use: 82%
Total physical RAM: 15591.43 MB
Available physical RAM: 2759.11 MB
Total Virtual: 39954.81 MB
Available Virtual: 6821.61 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.23 GB) (Free:63.37 GB) (Model: SAMSUNG MZALQ256HAJD-000L1) (Protected) NTFS

\\?\Volume{a806eee1-bdab-4de3-b8cd-f99b8570c505}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.27 GB) NTFS
\\?\Volume{8cbe5646-85be-4777-ad5d-32fac9e9268e}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: ACD486B2)

Partition: GPT.

==================== End of Addition.txt =======================

Re: ipfs.io is a nuisance in Avast.

Posted: 24 Feb 2023 20:05
by Rudy
Hello.
ipfs.io should not be dangerous in itself. See https://cs.wikipedia.org/wiki/InterPlan ... ile_System . However, it could be used to distribute, for example in this case, phishing. Avast blocked it.

Re: ipfs.io is a nuisance in Avast.

Posted: 24 Feb 2023 20:27
by David2012
It yells at me on almost every page and it is accompanied by a gong sound as well, so it is really annoying. Avast probably wants to be paid.

Re: ipfs.io is a nuisance in Avast.

Posted: 24 Feb 2023 21:00
by Rudy
Hardly, if you have the free version and have not upgraded it by mistake. Try running this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: ipfs.io is a nuisance in Avast.

Posted: 25 Feb 2023 08:57
by David2012
I have the free version and have not upgraded it yet. It offered me a 2-month trial, which I have not used so far - maybe if I did, it would get rid of this for me.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-25-2023
# Duration: 00:00:03
# OS: Windows 11 (Build 22621.1265)
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CC8894AB-1F99-4F2A-AAB1-C65295AEDC01}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{3B6E3764-37B0-472F-9E92-A61598B6A9B7}C:\brnonet\mikrotik\haplite\netinstall-6.48.5\netinstall.exe
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoHotkeyManager Folder C:\Program Files\LENOVO\HOTKEY
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\david\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoPowerManager Folder C:\Windows\SysWOW64\LENOVO\POWERMGR
Deleted Preinstalled.LenovoPowerManager Folder C:\Windows\System32\LENOVO\POWERMGR


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2675 octets] - [25/02/2023 08:51:41]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: ipfs.io is a nuisance in Avast.

Posted: 25 Feb 2023 11:32
by Rudy
Now post new FRST+Addition logs.