Kontrola po zachycení hrozeb
Napsal: 05 pro 2023 21:00
Zdravím, poprosil bych o kontrolu poté, co Zabezpečení Windows zachytilo do karantény nějakého trojana. Díky moc!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2023
Ran by val (administrator) on LAPTOP-SRKCKE8G (LENOVO 80UV) (05-12-2023 19:52:24)
Running from C:\Users\val\Desktop\FRST64.exe
Loaded Profiles: val
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE
(explorer.exe ->) (IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(explorer.exe ->) (LENOVO -> ) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (IDRIX SARL -> IDRIX) C:\Windows\System32\VeraCrypt.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(spool\drivers\x64\3\CNAP3LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABISWD.EXE
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\val\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2017-02-10] (LENOVO -> )
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui (No File)
HKLM\...\Run: [CNAP3 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8025992 2016-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776704 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5912648 2020-07-09] (IDRIX SARL -> IDRIX)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2646120 2023-11-29] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [MicrosoftEdgeAutoLaunch_2BD138944824F9E39F1A8E4F21D1EDA9] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\MountPoints2: {05b41f0d-260b-11ec-844d-98541bf1d6a9} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\MountPoints2: {751fc877-1547-11eb-8431-98541bf1d6a9} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\MountPoints2: {e3f70fd1-8f47-11eb-843f-98541bf1d6a9} - "E:\Lenovo_Suite.exe"
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [152064 2013-01-31] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CNAP3 Monitor: C:\WINDOWS\system32\CNAP3SMD.DLL [1470464 2014-11-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-01] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F62DB79B-E160-41C8-AFF9-A21A4A797619} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {FABF0EDE-A50D-49CE-9891-57362E18639A} - System32\Tasks\App Explorer => C:\Users\val\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7578648 2023-04-22] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {FD464E08-36C5-46C9-92EE-95CA3B600A95} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
Task: {BF9FA7E3-7209-4498-8AAA-D11557A4E8B4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {FD373BC9-1948-4C44-8021-A1B86FECAD6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-25] (Google Inc -> Google Inc.)
Task: {E36B6601-3A48-4CDE-88E2-09CBD31270AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-25] (Google Inc -> Google Inc.)
Task: {A38F279F-5E11-4979-B9DE-90B49481C922} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DFBB9B2C-B04B-4510-BB3E-E793E36608B5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {1868D39B-23F0-42D7-A853-915C93065543} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FF6E1E8B-0B32-4A7B-973E-6303C0624ACE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\46d39c04-a4e7-43ac-8cb8-bd4ef4cdcc7a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {EEFD57E5-4636-4B2B-871F-8608A1146375} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5143f1c8-9526-44e3-89c1-0ea472f92bab => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {909ABC9E-3249-41D7-8112-C466DC3E0D79} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9581e803-a0db-4af0-bfb4-67c9cdaf9651 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {BF8CD1CF-A538-4FAF-8DE2-F14246909354} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d17f0512-a0ff-4398-8ba8-69167ae3c545 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {31574C5D-4EED-4545-813B-56454723AF2A} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-842312810-1200612737-2880215622-1001 => C:\Users\val\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {0EA1570E-7415-4F0A-9D9A-3FD04136BF8F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {FB54174E-52DE-4A4A-A067-BBE880FF6082} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EC4C5F13-FE5A-4CC5-AC6F-85A9EBFF5981} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {18FB0890-748F-40A8-AE73-CC65B273D4FC} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {617F8B9F-49E5-445B-982D-BA497577A4FA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {A03056FF-E94D-43A6-B971-BAED50C83E44} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {A39F71D6-1C6E-41F0-B94C-84C99245198F} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {0633D6DF-52A8-4285-8FC8-CC05DE0639FF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EC81D7A5-3615-421A-A3FC-D650042266ED} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EDECA634-60BC-4E35-A8D4-3E9D6668F88A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {4AE13385-7B28-455D-800E-E519058FE307} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {77E86A90-A63C-4939-A3DF-A9342C4CC039} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {2DFCC7E5-AE22-4CE8-B5F5-200962DC089A} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {38FF280E-5BF2-435C-B779-F1A05DD5DE43} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {57F72434-E8AB-477A-BC6A-25B08EB24B84} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {9A3807DD-E560-4BE5-B98D-7352793330FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5968872B-07C6-4A63-92AE-587F747353BF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {08F95A8B-94F1-465F-BF99-2D0C1480CA24} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1E03156-78C6-41BD-A2B0-C952F83FADD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A04C62C3-06C8-4773-8C53-23A7B09A6734} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4431688 2023-10-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DDC2B38E-0631-42D4-9DB8-1A5051D381D5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [364128 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2190ACE-967B-4584-868C-8632D698F45D} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => StartupCheck.vbs (No File)
Task: {FEAC8FB3-48A3-4F20-8937-55612EB9E747} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => Maintenance.vbs (No File)
Task: {6B4D982C-9034-4A2C-AF05-527C65CC121F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49B0B8FE-61A6-4AAA-9268-4B78AE419F9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85FEA8E7-C4F6-45CB-9B0B-0BF63BB83092} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A61706DA-2CB3-444E-8563-3E122E67EB47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {489F28D4-3C08-4A3F-8CDA-F58A51AB31BD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-16] (Microsoft Windows -> Microsoft Corporation)
Task: {2E0AA02A-77FF-482F-A856-6C8B703716FC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2023-12-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F7EB6D79-E798-45D2-B393-04F139A56925} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {257EDE34-083D-4035-BB99-535A0350CDCC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
Task: {0BA24393-52AE-415A-8BCB-AD080E0BF37F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e82220c-7010-41c6-b735-bc0abacdd88b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fb4c2ac2-7a28-46db-b80e-ffd4a387f79f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\val\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-05]
Edge Extension: (Dokumenty Google offline) - C:\Users\val\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\val\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-01]
FireFox:
========
FF DefaultProfile: o8uuke26.default
FF ProfilePath: C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\o8uuke26.default [2020-08-22]
FF ProfilePath: C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\9fttahvs.default-release [2023-12-05]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\9fttahvs.default-release\Extensions\firefox@ghostery.com.xpi [2023-08-03]
FF Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\9fttahvs.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2023-11-09]
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\val\AppData\Local\Google\Chrome\User Data\Default [2022-04-07]
CHR Notifications: Default -> hxxps://web.telegram.org
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Extension: (Prezentace) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-25]
CHR Extension: (Dokumenty) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-25]
CHR Extension: (Disk Google) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-25]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-04-07]
CHR Extension: (Tabulky) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-07]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-07]
CHR Extension: (Adaware Secure) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-04-07]
CHR Extension: (Gmail) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-28]
CHR Notifications: Profile 1 -> hxxps://app.zoom.us; hxxps://meet.google.com
CHR Extension: (Torrent Scanner) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-04-06]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-08-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-25]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-09-03] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11187816 2023-11-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe [34176 2023-07-14] (Lenovo -> Lenovo)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 VeraCryptSystemFavorites; C:\WINDOWS\system32\VeraCrypt.exe [5912648 2020-07-09] (IDRIX SARL -> IDRIX)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc [X]
S2 avast! Tools; "C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc [X]
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MpKsl37f11a7d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3D995289-1F14-492E-979C-797B3A37DEFF}\MpKslDrv.sys [263560 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329184 2016-08-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1057864 2016-10-03] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831664 2020-07-09] (IDRIX SARL -> IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S2 aswStm; system32\drivers\aswStm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-05 19:52 - 2023-12-05 19:53 - 000034916 _____ C:\Users\val\Desktop\FRST.txt
2023-12-05 19:52 - 2023-12-05 19:52 - 000000000 ____D C:\FRST
2023-12-05 19:50 - 2023-12-05 19:51 - 000000000 ____D C:\Users\val\AppData\Local\Temp\mozilla-temp-files
2023-12-05 19:50 - 2023-12-05 19:50 - 002384384 _____ (Farbar) C:\Users\val\Desktop\FRST64.exe
2023-12-05 19:18 - 2023-12-05 19:19 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_2836_1855475199
2023-12-05 18:19 - 2023-12-05 18:19 - 000000000 ____D C:\Users\val\AppData\Local\Temp\{FC1B77D1-38AE-44C4-98A5-E94C35AD4F97}
2023-12-05 18:18 - 2023-12-05 18:18 - 000144168 _____ C:\Users\val\AppData\Local\Temp\dat9A0F.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000143804 _____ C:\Users\val\AppData\Local\Temp\dat99C0.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000143016 _____ C:\Users\val\AppData\Local\Temp\dat9A2F.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000106380 _____ C:\Users\val\AppData\Local\Temp\dat9A4F.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10108_605968102
2023-12-05 18:18 - 2023-12-05 18:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10108_1979070854
2023-12-05 18:18 - 2023-12-05 18:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10108_1027966185
2023-12-04 20:54 - 2023-12-04 20:54 - 000239891 _____ C:\Users\val\AppData\Local\Temp\prep_ui_win32_bundle_V8_perf.cache
2023-12-04 20:54 - 2023-12-04 20:54 - 000024327 _____ C:\Users\val\AppData\Local\Temp\prep_96b416466a7587ae7f08860fbc72_PackageResources_index_win32_bundle_V8_perf.cache
2023-12-04 20:53 - 2023-12-04 20:53 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_8076_95896803
2023-12-04 20:52 - 2023-12-04 20:52 - 000661699 _____ C:\Users\val\AppData\Local\Temp\prep_foundation_win32_bundle_V8_perf.cache
2023-12-04 20:52 - 2023-12-04 20:52 - 000547427 _____ C:\Users\val\AppData\Local\Temp\prep_ram Files (x86)_Microsoft Office_root_Office16_AugLoop_bundle_js_V8_perf.cache
2023-12-04 20:39 - 2023-12-04 20:39 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2023-12-04 20:34 - 2023-12-04 20:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\lilo.12124
2023-12-04 20:33 - 2023-12-04 20:33 - 000000170 _____ C:\Users\val\AppData\Local\Temp\NGLClient_Photoshop1.ngllogcontrolconfig
2023-12-04 12:37 - 2023-12-04 12:37 - 000311736 _____ C:\Users\val\Downloads\pexels-photo-639110.jpeg
2023-12-04 12:34 - 2023-12-04 12:35 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_6112_1290225544
2023-12-04 12:34 - 2023-12-04 12:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_6112_1377135811
2023-12-04 07:34 - 2023-12-04 07:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_6112_726893049
2023-12-04 06:34 - 2023-12-04 06:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10200_1232774321
2023-12-03 12:04 - 2023-12-03 12:05 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_5596_1908818778
2023-12-02 22:47 - 2023-12-02 22:48 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10160_915951136
2023-12-02 22:35 - 2023-12-02 22:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-02 20:21 - 2023-12-02 20:25 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_5488_813680935
2023-12-02 20:20 - 2023-12-02 20:21 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_5488_1227820838
2023-12-01 20:37 - 2023-12-05 18:22 - 000006830 _____ C:\Users\val\AppData\Local\Temp\au-descriptor-1.8.0_391-b13.xml
2023-11-25 19:18 - 2023-11-25 19:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD35CB.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD2A40.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD27AD.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD273E.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD2325.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD212F.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1B61.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1A26.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD19A7.tmp
2023-11-23 07:02 - 2023-11-23 07:02 - 007578945 _____ C:\Users\val\Downloads\Priloha_k_Metodickemu_pokynu_AS_c_4-2022_Zakladni_pravidla_pro_zpracovani_archivalii_v3-1_-_20221006-2.pdf
2023-11-23 07:01 - 2023-11-23 07:01 - 000226824 _____ C:\Users\val\Downloads\Metodicky_pokyn_AS_c_4-2022_Zakladni_pravidla_pro_zpracovani_archivalii_v3-1_-_20221006-1.pdf
2023-11-23 07:01 - 2023-11-23 07:01 - 000226824 _____ C:\Users\val\Downloads\Metodicky_pokyn_AS_c_4-2022_Zakladni_pravidla_pro_zpracovani_archivalii_v3-1_-_20221006.pdf
2023-11-17 18:19 - 2023-11-27 20:10 - 000000000 ____D C:\Users\val\AppData\Local\Temp\EDE0C62E-057B-477B-B643-5744DA4109BE
2023-11-16 09:15 - 2023-11-16 09:15 - 000000000 ___HD C:\$WinREAgent
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF290.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF270.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF26F.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF25E.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF24E.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF1FD.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF1BA.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF19A.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF199.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF198.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF187.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF186.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD704.tmp
2023-11-14 19:00 - 2023-11-14 19:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\msohtmlclip1
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD5794.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD5745.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD56E6.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD56B6.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD5398.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD52CB.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD528A.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD523A.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD515E.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD514D.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD514C.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD514B.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD513A.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD42B2.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4272.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4213.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD41D2.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4163.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4162.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4161.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4160.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD415F.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD415E.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD414D.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD414C.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD414B.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE279.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE249.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE248.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE16D.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE14C.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE13C.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE13B.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE13A.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE127.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE126.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE125.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE115.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE114.tmp
2023-11-08 10:50 - 2023-11-08 10:50 - 000018294 _____ C:\Users\val\Downloads\Ikarie_XB_1_seznam-nalezu.xlsx
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD14C2.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1473.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1432.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1422.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1411.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1410.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD140F.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD140E.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FD.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FC.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FB.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FA.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13F9.tmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-05 19:49 - 2020-03-04 12:27 - 000000000 ____D C:\Users\val\AppData\Roaming\Signal
2023-12-05 19:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-05 19:35 - 2021-12-18 18:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-05 19:35 - 2017-12-25 09:57 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-05 19:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-05 19:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-05 19:06 - 2022-02-10 19:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-05 18:22 - 2023-07-02 10:10 - 000000000 ____D C:\Users\val\AppData\Local\Temp\hsperfdata_val
2023-12-05 18:22 - 2023-07-01 15:56 - 000000000 ____D C:\Users\val\AppData\Local\Temp\MessagingAddin
2023-12-05 18:22 - 2020-09-27 15:00 - 001079389 _____ C:\Users\val\AppData\Local\Temp\driver.xml
2023-12-05 18:19 - 2023-07-02 10:08 - 000000000 ____D C:\Users\val\AppData\Local\Temp\MessagingPlugin
2023-12-05 18:19 - 2022-04-12 13:56 - 000000000 ____D C:\Program Files\Adobe
2023-12-05 18:19 - 2022-04-12 13:54 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-12-05 18:19 - 2017-12-25 10:20 - 000000000 ____D C:\ProgramData\Adobe
2023-12-05 18:19 - 2017-12-24 23:14 - 000000000 ____D C:\Users\val\AppData\Roaming\Adobe
2023-12-05 18:17 - 2023-01-18 16:14 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-12-05 18:17 - 2020-08-06 13:56 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-05 18:16 - 2017-12-24 23:14 - 000000000 __SHD C:\Users\val\IntelGraphicsProfiles
2023-12-04 21:45 - 2018-03-24 14:14 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\PowerPoint
2023-12-04 21:45 - 2017-12-25 10:31 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\Office
2023-12-04 20:53 - 2023-07-02 11:48 - 000000000 ____D C:\Users\val\AppData\Local\Temp\Outlook Logging
2023-12-04 20:36 - 2023-07-19 13:40 - 000000000 ____D C:\Users\val\AppData\Local\Temp\PhotoshopCrashes
2023-12-04 20:33 - 2017-12-27 15:02 - 000000000 ____D C:\Users\val\Documents\Fotky
2023-12-04 20:25 - 2023-08-05 11:14 - 000000000 ____D C:\Users\val\AppData\Local\Temp\notificationimages
2023-12-04 11:48 - 2017-12-27 15:27 - 000000000 ____D C:\Users\val\Documents\NFA
2023-12-04 08:42 - 2020-09-26 19:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-02 22:46 - 2020-08-22 15:07 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-02 22:44 - 2017-12-25 11:11 - 000000000 ____D C:\Users\val\AppData\Roaming\vlc
2023-12-02 20:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-01 20:39 - 2020-09-26 20:07 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-01 20:39 - 2020-09-26 20:07 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-12-01 20:37 - 2023-07-27 14:30 - 000000000 ____D C:\Users\val\AppData\Local\Temp\acrocef_low
2023-12-01 20:21 - 2020-09-26 20:07 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-12-01 12:53 - 2023-07-01 13:19 - 000000000 ____D C:\Users\val\AppData\Local\Temp\acrobat_sbx
2023-12-01 10:08 - 2017-12-25 10:37 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\Excel
2023-12-01 07:50 - 2017-12-25 09:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-24 18:30 - 2020-09-26 20:09 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-24 18:30 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-24 18:30 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-23 12:37 - 2017-12-25 10:31 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\Word
2023-11-22 17:01 - 2020-08-22 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-17 16:09 - 2017-02-10 12:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-11-17 15:26 - 2020-09-26 20:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-17 15:26 - 2020-09-20 08:52 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-17 15:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-17 15:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-17 15:25 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-17 15:21 - 2020-09-26 19:50 - 000437848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-17 15:21 - 2020-03-26 21:41 - 000000000 ____D C:\WINDOWS\TempInst
2023-11-16 18:37 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-16 18:37 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-16 18:36 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-16 18:36 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-16 18:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-16 09:35 - 2019-12-07 15:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-11-16 09:35 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-16 09:35 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-16 09:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-16 09:27 - 2020-09-26 19:50 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-16 08:41 - 2017-12-26 21:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-16 08:36 - 2017-12-26 21:37 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-14 18:18 - 2022-10-12 14:16 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-11-14 18:18 - 2022-10-12 14:16 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-11-14 18:18 - 2020-09-26 20:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-14 18:10 - 2017-02-10 12:37 - 000000000 ____D C:\ProgramData\Lenovo
2023-11-13 18:46 - 2020-09-26 20:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2023-11-13 18:46 - 2019-01-29 20:39 - 000005757 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2023-11-13 18:46 - 2017-02-10 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2023-11-13 18:46 - 2017-02-10 12:45 - 000000000 ____D C:\Program Files (x86)\Lenovo
2023-11-12 09:55 - 2023-10-15 11:46 - 000000000 ____D C:\Users\val\Documents\nová práce
2023-11-11 19:18 - 2020-08-24 13:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1EE9.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1E3B.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1DFA.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1DAA.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D7A.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D79.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D78.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D77.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D76.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D56.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D55.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D50.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D4F.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8CDE.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B56.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B46.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B45.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B34.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B23.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B22.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B21.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B20.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B1F.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B0F.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B0E.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8AEE.tmp
2023-11-08 06:41 - 2018-05-15 07:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2023
Ran by val (05-12-2023 19:55:21)
Running from C:\Users\val\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) (2020-09-26 19:07:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-842312810-1200612737-2880215622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-842312810-1200612737-2880215622-503 - Limited - Disabled)
Guest (S-1-5-21-842312810-1200612737-2880215622-501 - Limited - Disabled)
val (S-1-5-21-842312810-1200612737-2880215622-1001 - Administrator - Enabled) => C:\Users\val
WDAGUtilityAccount (S-1-5-21-842312810-1200612737-2880215622-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Install Manager (HKLM\...\{CB17F29D-81FB-9BE1-F87A-682396B74EAB}) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0903.849.14039 - Advanced Micro Devices, Inc.)
Audio By Harman (HKLM\...\{F2DA805F-3FBD-4A4E-970F-5EE7027107EB}) (Version: 1.4.0.0 - Harman, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Canon LBP6230 6240 Uninstaller (HKLM\...\Canon LBP6230 6240) (Version: 6, 3, 1, 0 - Canon Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.74.0.5587 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{3a884fa0-0591-4b54-9aa2-442b4172ec32}) (Version: 13.74.0.5587 - Electronic Arts)
Google Chrome (HKLM\...\{B98EEA88-7820-3A65-A3AF-99A11D1A9D49}) (Version: 119.0.6045.200 - Google, Inc.)
Intel(R) Chipset Device Software (HKLM\...\{3AAD3A73-0D6A-4EFE-93FC-7719DC6C89E4}) (Version: 10.1.1.37 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{C72F5F83-E423-4634-A41F-1E509F2DFAF0}) (Version: 11.6.0.1025 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Hidden
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo App Explorer (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Host App Service) (Version: 0.273.4.694 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.02.25 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.72.0 - Lenovo Group Ltd.)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Teams) (Version: 1.5.00.2164 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 120.0.1 (x64 cs)) (Version: 120.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Signal 1.31.0 (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\{7d96caee-06e6-597c-9f2f-c7bb2e0948b4}) (Version: 1.31.0 - Open Whisper Systems)
Signal 6.39.1 (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.39.1 - Signal Messenger, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.3961 - Microsoft Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.102.190.1030 - Electronic Arts Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update6 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-14] ()
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2023-10-03] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-13] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2310.18.0_x64__k1h2ywk1493x8 [2023-11-09] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Polarr Pro Photo Editor -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.11.5.0_x64__jb41c8remg0x2 [2023-06-26] (Polarr)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0 [2023-11-24] (Spotify AB) [Startup Task]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-12-24] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21348.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{23066764-9BDD-4FBD-8B1F-F4547CF2684F}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\18.070.0405.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\val\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxDTCM.dll [2016-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\val\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\nfa.cz - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2015-06-25 15:53 - 2015-06-25 15:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-03-23 15:40 - 2013-01-31 18:21 - 000152064 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2018-01-28 20:00 - 2018-01-28 20:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 16:17 - 2015-06-25 16:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 16:21 - 2015-06-25 16:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 16:14 - 2015-06-25 16:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 11:58 - 2015-07-02 11:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 04:13 - 2015-06-25 04:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 16:00 - 2015-06-25 16:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 16:23 - 2015-06-25 16:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 16:28 - 2015-06-25 16:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 16:16 - 2015-06-25 16:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 16:08 - 2015-06-25 16:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 16:58 - 2015-06-25 16:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 15:59 - 2015-06-25 15:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__180825
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-842312810-1200612737-2880215622-1001 -> DefaultScope {BAA2ABC8-5D68-4F5C-8B3D-CC5ED7EBEF29} URL =
SearchScopes: HKU\S-1-5-21-842312810-1200612737-2880215622-1001 -> {BAA2ABC8-5D68-4F5C-8B3D-CC5ED7EBEF29} URL =
SearchScopes: HKU\S-1-5-21-842312810-1200612737-2880215622-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__180825&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\sharepoint.com -> hxxps://ffuk-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2019-01-11 18:29 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-26 12:35 - 2019-02-26 14:33 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\val\Documents\cats.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{53DF42F1-7561-43C9-A2A5-111BC6F77278}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A48785E6-B1BB-4A2C-81A5-648D87238E8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EF8B2468-B47B-48B8-8D56-557AE368D952}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{752A8094-6B82-48EA-AA81-73AE0270DF53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{C46D789A-9EED-4B8D-9827-BF6F768B6A6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{657C836C-3C7A-4B98-B061-7614D1F8997E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{FB8FFB3A-2D27-40A0-AC51-BE1616AEA0C2}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [TCP Query User{7B5E70FE-8D1B-4379-9A10-D4B6F72774F7}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [{29EF7F6D-2E43-4708-870F-8730C45877FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{B3A9DC44-5009-45D9-9BD4-4801DDBC38E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{04FF5544-5655-4A00-810E-B5F7EDECCFCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{4CC2DEC2-E897-434B-BD28-C510E0B03B19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{D9B5A20B-9552-4EE7-BF60-2EE583EAD73A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{168EB396-4590-4FA1-8567-304B97DC186A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{14118108-3FBA-4B04-9D53-5A725AEC0964}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3F5C655A-9E35-48F7-8002-A70C845674F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D6E560A5-308F-47AB-9414-4BF197B13977}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FAFC57BD-CA6C-4D53-9EEC-6E31B8F2B56F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{12ABF23A-93B9-49E2-856E-8C3D66A08A3C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C5492852-B4B6-4FCE-84B7-5E4070DD5ED6}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E873DBE2-EC41-4E6D-BC36-F465A46083C6}C:\users\val\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\val\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [UDP Query User{86553A20-A17A-4951-8809-F257222AC8C7}C:\users\val\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\val\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{B45D1FC0-316F-4E0C-818D-8F7D707AC211}C:\users\val\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\val\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D9349506-7338-4F03-B9B2-8143C4C7B6C2}C:\users\val\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\val\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{21446445-A19F-40DF-A39A-09A702AAA122}C:\users\val\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\val\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0209C036-5747-4181-8E11-687342457D9D}C:\users\val\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\val\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9E7208B0-A883-4B8B-BF44-37AC0E35ABDB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BB1CAF69-D086-4F3C-9D21-236732DBD3D4}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AD973968-9A3B-4164-999A-DCEF5A392054}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D74321A8-E482-473A-B43D-37DDB05EDC25}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{A7C5DD3E-1932-481B-927A-49103E5F1C4D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B2ED506-A55B-4C7F-A524-5311C4AEE812}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0784A71A-059C-4C48-A825-969E9167380A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BE35DCF-154E-4B25-9DF6-15CDC3B8004E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DD570DE4-230A-4F07-BEBD-22177573F358}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{95F4FE4B-DA8C-4140-B823-143225E7DC60}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A8567441-0E2E-4B3B-A51F-A720993B4159}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8220787E-8AC7-4FD4-98F6-4A6AE1F5417D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{67F1957F-002E-4BB2-93A4-F526CCDCC576}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{42B3FEC4-C9C2-4B1D-B8BC-D66BAF771B59}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{03145C7E-0F85-474D-8EA0-E5A1C221B4B0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{54637E42-58BD-41C9-B413-C842F48FA693}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C66A9FAE-3627-4BF0-BF8A-1C9A170E4316}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6F906116-9B26-4DAA-9C07-EE13FC097797}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{098853C6-91A2-447A-B1AA-A4A13C2635B8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{5D4C382F-4067-40E1-8281-210FC89D88E8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{746F4570-051E-473A-8D11-A3475CCBBBCA}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{F4DC37BF-5716-4106-B445-D355008C45A2}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3D90B81F-5F95-40A8-ACEF-62E186E04C99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0B21C83D-0417-48F1-85A8-CC647699A948}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EE392F9-2662-417B-BBBF-14E098722CD2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B1278983-1B81-47BD-B423-D06B4763F3F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9A931F76-13AC-41A4-8F58-686608E023A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A7BDDB7-6ED2-4058-8D3B-2B45EFDF285E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{738FF13D-E7C4-4830-B8E8-57AF903E81D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E2B1A7FF-9C65-4CB4-A26A-49F5F74658A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D104DB60-538E-4077-B8CC-F9961A08268F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B0972D0-961C-4DB4-B02A-2E80A1EE62FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E72FD571-BACA-492C-BBC6-550C0BA84340}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E779D73F-911F-4263-AAC7-2189EA8DD442}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD0E9406-8493-4970-BB81-54223A6D7503}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53954438-B09E-4F3B-9B48-EE186F87BC97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E7D423F-8333-4CDD-8248-B2BE886FAD8D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D440EBC-0F24-4431-BC83-E4EB61B38C13}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
03-12-2023 15:33:14 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/05/2023 07:44:45 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/04/2023 07:44:45 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/04/2023 06:35:22 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/03/2023 01:01:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1648, časové razítko: 0x57cac657
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0x19c4
Čas spuštění chybující aplikace: 0x01da25690b1edcda
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: 9ccc2f73-12d4-4297-b5fd-f632b1623525
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/02/2023 08:21:35 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/01/2023 08:23:37 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/01/2023 12:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1648, časové razítko: 0x57cac657
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0xebc
Čas spuštění chybující aplikace: 0x01da242245a07105
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: ca5d64a2-a0a0-4c7d-8bb1-0646fd08c432
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/01/2023 07:50:15 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (12/05/2023 06:57:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AdaptiveSleepService bylo dosaženo časového limitu (30000 ms).
Error: (11/22/2023 09:23:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SRKCKE8G)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/19/2023 09:37:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SRKCKE8G)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/18/2023 07:53:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SRKCKE8G)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/17/2023 03:26:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba avast! Tools závisí na službě avast! Antivirus, která neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/17/2023 03:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba avast! Antivirus neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/17/2023 03:26:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStm neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/17/2023 03:26:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastWscReporter neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2023-12-04 20:39:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win64/CryptInject
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\ServiceInstaller.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\ServiceInstaller.msi
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Casdet!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\StartupCheck.vbs
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:03
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:VBS/Tnega!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\Maintenance.vbs
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Event[0]:
Date: 2023-08-30 06:16:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.395.1577.0;1.395.1577.0
Verze modulu: 1.1.23070.1005
Date: 2023-08-29 19:11:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.395.1499.0;1.395.1499.0
Verze modulu: 1.1.23070.1005
Date: 2023-08-10 20:16:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.395.68.0;1.395.68.0
Verze modulu: 1.1.23070.1005
CodeIntegrity:
===============
Date: 2023-12-05 18:20:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 2SCN28WW(V2.08) 08/14/2018
Motherboard: LENOVO Lenovo ideapad 510S-14IKB
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 50%
Total physical RAM: 8035.01 MB
Available physical RAM: 3999.03 MB
Total Virtual: 11828.48 MB
Available Virtual: 6750.23 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:198.95 GB) (Free:33.23 GB) (Model: SAMSUNG MZ7LN256HMJP-000L2) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.25 GB) (Model: SAMSUNG MZ7LN256HMJP-000L2) NTFS
\\?\Volume{2fcaa96b-d383-4b6d-b146-2268c1533b18}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.37 GB) NTFS
\\?\Volume{87a78d60-e853-41dc-82fd-e82f23dfe57a}\ (LENOVO_PART) (Fixed) (Total:12.3 GB) (Free:1.55 GB) NTFS
\\?\Volume{ed3555ae-147d-4b93-825c-e4a824f1251c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BEA91B5B)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2023
Ran by val (administrator) on LAPTOP-SRKCKE8G (LENOVO 80UV) (05-12-2023 19:52:24)
Running from C:\Users\val\Desktop\FRST64.exe
Loaded Profiles: val
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE
(explorer.exe ->) (IDRIX SARL -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(explorer.exe ->) (LENOVO -> ) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (IDRIX SARL -> IDRIX) C:\Windows\System32\VeraCrypt.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(spool\drivers\x64\3\CNAP3LAK.EXE ->) (CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABISWD.EXE
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\val\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2017-02-10] (LENOVO -> )
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui (No File)
HKLM\...\Run: [CNAP3 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8025992 2016-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16776704 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [VeraCrypt] => C:\Program Files\VeraCrypt\VeraCrypt.exe [5912648 2020-07-09] (IDRIX SARL -> IDRIX)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2646120 2023-11-29] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Run: [MicrosoftEdgeAutoLaunch_2BD138944824F9E39F1A8E4F21D1EDA9] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\MountPoints2: {05b41f0d-260b-11ec-844d-98541bf1d6a9} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\MountPoints2: {751fc877-1547-11eb-8431-98541bf1d6a9} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\MountPoints2: {e3f70fd1-8f47-11eb-843f-98541bf1d6a9} - "E:\Lenovo_Suite.exe"
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [152064 2013-01-31] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CNAP3 Monitor: C:\WINDOWS\system32\CNAP3SMD.DLL [1470464 2014-11-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-01] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {F62DB79B-E160-41C8-AFF9-A21A4A797619} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {FABF0EDE-A50D-49CE-9891-57362E18639A} - System32\Tasks\App Explorer => C:\Users\val\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7578648 2023-04-22] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {FD464E08-36C5-46C9-92EE-95CA3B600A95} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
Task: {BF9FA7E3-7209-4498-8AAA-D11557A4E8B4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {FD373BC9-1948-4C44-8021-A1B86FECAD6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-25] (Google Inc -> Google Inc.)
Task: {E36B6601-3A48-4CDE-88E2-09CBD31270AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-25] (Google Inc -> Google Inc.)
Task: {A38F279F-5E11-4979-B9DE-90B49481C922} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DFBB9B2C-B04B-4510-BB3E-E793E36608B5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {1868D39B-23F0-42D7-A853-915C93065543} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FF6E1E8B-0B32-4A7B-973E-6303C0624ACE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\46d39c04-a4e7-43ac-8cb8-bd4ef4cdcc7a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {EEFD57E5-4636-4B2B-871F-8608A1146375} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5143f1c8-9526-44e3-89c1-0ea472f92bab => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {909ABC9E-3249-41D7-8112-C466DC3E0D79} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9581e803-a0db-4af0-bfb4-67c9cdaf9651 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {BF8CD1CF-A538-4FAF-8DE2-F14246909354} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d17f0512-a0ff-4398-8ba8-69167ae3c545 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {31574C5D-4EED-4545-813B-56454723AF2A} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-842312810-1200612737-2880215622-1001 => C:\Users\val\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [122344 2019-04-04] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {0EA1570E-7415-4F0A-9D9A-3FD04136BF8F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {FB54174E-52DE-4A4A-A067-BBE880FF6082} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EC4C5F13-FE5A-4CC5-AC6F-85A9EBFF5981} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {18FB0890-748F-40A8-AE73-CC65B273D4FC} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {617F8B9F-49E5-445B-982D-BA497577A4FA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {A03056FF-E94D-43A6-B971-BAED50C83E44} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {A39F71D6-1C6E-41F0-B94C-84C99245198F} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {0633D6DF-52A8-4285-8FC8-CC05DE0639FF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EC81D7A5-3615-421A-A3FC-D650042266ED} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EDECA634-60BC-4E35-A8D4-3E9D6668F88A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {4AE13385-7B28-455D-800E-E519058FE307} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {77E86A90-A63C-4939-A3DF-A9342C4CC039} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {2DFCC7E5-AE22-4CE8-B5F5-200962DC089A} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {38FF280E-5BF2-435C-B779-F1A05DD5DE43} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {57F72434-E8AB-477A-BC6A-25B08EB24B84} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {9A3807DD-E560-4BE5-B98D-7352793330FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {5968872B-07C6-4A63-92AE-587F747353BF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {08F95A8B-94F1-465F-BF99-2D0C1480CA24} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1E03156-78C6-41BD-A2B0-C952F83FADD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {A04C62C3-06C8-4773-8C53-23A7B09A6734} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4431688 2023-10-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DDC2B38E-0631-42D4-9DB8-1A5051D381D5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [364128 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2190ACE-967B-4584-868C-8632D698F45D} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => StartupCheck.vbs (No File)
Task: {FEAC8FB3-48A3-4F20-8937-55612EB9E747} - System32\Tasks\Microsoft\Windows\Maintenance\InstallWinSAT => Maintenance.vbs (No File)
Task: {6B4D982C-9034-4A2C-AF05-527C65CC121F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49B0B8FE-61A6-4AAA-9268-4B78AE419F9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85FEA8E7-C4F6-45CB-9B0B-0BF63BB83092} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A61706DA-2CB3-444E-8563-3E122E67EB47} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {489F28D4-3C08-4A3F-8CDA-F58A51AB31BD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-16] (Microsoft Windows -> Microsoft Corporation)
Task: {2E0AA02A-77FF-482F-A856-6C8B703716FC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2023-12-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F7EB6D79-E798-45D2-B393-04F139A56925} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {257EDE34-083D-4035-BB99-535A0350CDCC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
Task: {0BA24393-52AE-415A-8BCB-AD080E0BF37F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904552 2023-08-15] (Lenovo -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e82220c-7010-41c6-b735-bc0abacdd88b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fb4c2ac2-7a28-46db-b80e-ffd4a387f79f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\val\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-05]
Edge Extension: (Dokumenty Google offline) - C:\Users\val\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-01]
Edge Extension: (Edge relevant text changes) - C:\Users\val\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-01]
FireFox:
========
FF DefaultProfile: o8uuke26.default
FF ProfilePath: C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\o8uuke26.default [2020-08-22]
FF ProfilePath: C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\9fttahvs.default-release [2023-12-05]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\9fttahvs.default-release\Extensions\firefox@ghostery.com.xpi [2023-08-03]
FF Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\val\AppData\Roaming\Mozilla\Firefox\Profiles\9fttahvs.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2023-11-09]
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\val\AppData\Local\Google\Chrome\User Data\Default [2022-04-07]
CHR Notifications: Default -> hxxps://web.telegram.org
CHR DefaultSearchURL: Default -> hxxps://defaultsearch.co/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> Adaware Secure
CHR Extension: (Prezentace) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-25]
CHR Extension: (Dokumenty) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-25]
CHR Extension: (Disk Google) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-25]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-04-07]
CHR Extension: (Tabulky) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-07]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-07]
CHR Extension: (Adaware Secure) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\nladljmabboanhihfkjacnnkgjhnokhj [2019-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Bitwarden – Bezplatný správce hesel) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-04-07]
CHR Extension: (Gmail) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-09-28]
CHR Notifications: Profile 1 -> hxxps://app.zoom.us; hxxps://meet.google.com
CHR Extension: (Torrent Scanner) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-04-06]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-08-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\val\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-25]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-09-03] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-17] (Microsoft Corporation -> Microsoft Corporation)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11187816 2023-11-29] (Electronic Arts, Inc. -> Electronic Arts)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe [34176 2023-07-14] (Lenovo -> Lenovo)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 VeraCryptSystemFavorites; C:\WINDOWS\system32\VeraCrypt.exe [5912648 2020-07-09] (IDRIX SARL -> IDRIX)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\aswidsagent.exe" [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc [X]
S2 avast! Tools; "C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc [X]
S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MpKsl37f11a7d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3D995289-1F14-492E-979C-797B3A37DEFF}\MpKslDrv.sys [263560 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [329184 2016-08-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1057864 2016-10-03] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831664 2020-07-09] (IDRIX SARL -> IDRIX)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-08] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S2 aswStm; system32\drivers\aswStm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-05 19:52 - 2023-12-05 19:53 - 000034916 _____ C:\Users\val\Desktop\FRST.txt
2023-12-05 19:52 - 2023-12-05 19:52 - 000000000 ____D C:\FRST
2023-12-05 19:50 - 2023-12-05 19:51 - 000000000 ____D C:\Users\val\AppData\Local\Temp\mozilla-temp-files
2023-12-05 19:50 - 2023-12-05 19:50 - 002384384 _____ (Farbar) C:\Users\val\Desktop\FRST64.exe
2023-12-05 19:18 - 2023-12-05 19:19 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_2836_1855475199
2023-12-05 18:19 - 2023-12-05 18:19 - 000000000 ____D C:\Users\val\AppData\Local\Temp\{FC1B77D1-38AE-44C4-98A5-E94C35AD4F97}
2023-12-05 18:18 - 2023-12-05 18:18 - 000144168 _____ C:\Users\val\AppData\Local\Temp\dat9A0F.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000143804 _____ C:\Users\val\AppData\Local\Temp\dat99C0.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000143016 _____ C:\Users\val\AppData\Local\Temp\dat9A2F.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000106380 _____ C:\Users\val\AppData\Local\Temp\dat9A4F.tmp
2023-12-05 18:18 - 2023-12-05 18:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10108_605968102
2023-12-05 18:18 - 2023-12-05 18:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10108_1979070854
2023-12-05 18:18 - 2023-12-05 18:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10108_1027966185
2023-12-04 20:54 - 2023-12-04 20:54 - 000239891 _____ C:\Users\val\AppData\Local\Temp\prep_ui_win32_bundle_V8_perf.cache
2023-12-04 20:54 - 2023-12-04 20:54 - 000024327 _____ C:\Users\val\AppData\Local\Temp\prep_96b416466a7587ae7f08860fbc72_PackageResources_index_win32_bundle_V8_perf.cache
2023-12-04 20:53 - 2023-12-04 20:53 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_8076_95896803
2023-12-04 20:52 - 2023-12-04 20:52 - 000661699 _____ C:\Users\val\AppData\Local\Temp\prep_foundation_win32_bundle_V8_perf.cache
2023-12-04 20:52 - 2023-12-04 20:52 - 000547427 _____ C:\Users\val\AppData\Local\Temp\prep_ram Files (x86)_Microsoft Office_root_Office16_AugLoop_bundle_js_V8_perf.cache
2023-12-04 20:39 - 2023-12-04 20:39 - 000000000 _____ C:\WINDOWS\system32\setup4.2.6.tmp
2023-12-04 20:34 - 2023-12-04 20:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\lilo.12124
2023-12-04 20:33 - 2023-12-04 20:33 - 000000170 _____ C:\Users\val\AppData\Local\Temp\NGLClient_Photoshop1.ngllogcontrolconfig
2023-12-04 12:37 - 2023-12-04 12:37 - 000311736 _____ C:\Users\val\Downloads\pexels-photo-639110.jpeg
2023-12-04 12:34 - 2023-12-04 12:35 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_6112_1290225544
2023-12-04 12:34 - 2023-12-04 12:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_6112_1377135811
2023-12-04 07:34 - 2023-12-04 07:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_6112_726893049
2023-12-04 06:34 - 2023-12-04 06:34 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10200_1232774321
2023-12-03 12:04 - 2023-12-03 12:05 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_5596_1908818778
2023-12-02 22:47 - 2023-12-02 22:48 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_10160_915951136
2023-12-02 22:35 - 2023-12-02 22:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-02 20:21 - 2023-12-02 20:25 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_5488_813680935
2023-12-02 20:20 - 2023-12-02 20:21 - 000000000 ____D C:\Users\val\AppData\Local\Temp\edge_BITS_5488_1227820838
2023-12-01 20:37 - 2023-12-05 18:22 - 000006830 _____ C:\Users\val\AppData\Local\Temp\au-descriptor-1.8.0_391-b13.xml
2023-11-25 19:18 - 2023-11-25 19:18 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD35CB.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD2A40.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD27AD.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD273E.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD2325.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD212F.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1B61.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1A26.tmp
2023-11-25 19:17 - 2023-11-25 19:17 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD19A7.tmp
2023-11-23 07:02 - 2023-11-23 07:02 - 007578945 _____ C:\Users\val\Downloads\Priloha_k_Metodickemu_pokynu_AS_c_4-2022_Zakladni_pravidla_pro_zpracovani_archivalii_v3-1_-_20221006-2.pdf
2023-11-23 07:01 - 2023-11-23 07:01 - 000226824 _____ C:\Users\val\Downloads\Metodicky_pokyn_AS_c_4-2022_Zakladni_pravidla_pro_zpracovani_archivalii_v3-1_-_20221006-1.pdf
2023-11-23 07:01 - 2023-11-23 07:01 - 000226824 _____ C:\Users\val\Downloads\Metodicky_pokyn_AS_c_4-2022_Zakladni_pravidla_pro_zpracovani_archivalii_v3-1_-_20221006.pdf
2023-11-17 18:19 - 2023-11-27 20:10 - 000000000 ____D C:\Users\val\AppData\Local\Temp\EDE0C62E-057B-477B-B643-5744DA4109BE
2023-11-16 09:15 - 2023-11-16 09:15 - 000000000 ___HD C:\$WinREAgent
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF290.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF270.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF26F.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF25E.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF24E.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF1FD.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF1BA.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF19A.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF199.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF198.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF187.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDF186.tmp
2023-11-16 08:20 - 2023-11-24 17:50 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD704.tmp
2023-11-14 19:00 - 2023-11-14 19:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\msohtmlclip1
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD5794.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD5745.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD56E6.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD56B6.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD5398.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD52CB.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD528A.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD523A.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD515E.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD514D.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD514C.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD514B.tmp
2023-11-14 18:05 - 2023-11-22 20:11 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD513A.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD42B2.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4272.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4213.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD41D2.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4163.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4162.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4161.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD4160.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD415F.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD415E.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD414D.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD414C.tmp
2023-11-12 09:44 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD414B.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE279.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE249.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE248.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE16D.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE14C.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE13C.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE13B.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE13A.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE127.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE126.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE125.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE115.tmp
2023-11-11 14:36 - 2023-11-19 17:00 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCDE114.tmp
2023-11-08 10:50 - 2023-11-08 10:50 - 000018294 _____ C:\Users\val\Downloads\Ikarie_XB_1_seznam-nalezu.xlsx
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD14C2.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1473.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1432.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1422.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1411.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1410.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD140F.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD140E.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FD.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FC.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FB.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13FA.tmp
2023-11-08 08:06 - 2023-11-16 08:37 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD13F9.tmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-05 19:49 - 2020-03-04 12:27 - 000000000 ____D C:\Users\val\AppData\Roaming\Signal
2023-12-05 19:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-05 19:35 - 2021-12-18 18:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-05 19:35 - 2017-12-25 09:57 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-05 19:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-05 19:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-05 19:06 - 2022-02-10 19:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-05 18:22 - 2023-07-02 10:10 - 000000000 ____D C:\Users\val\AppData\Local\Temp\hsperfdata_val
2023-12-05 18:22 - 2023-07-01 15:56 - 000000000 ____D C:\Users\val\AppData\Local\Temp\MessagingAddin
2023-12-05 18:22 - 2020-09-27 15:00 - 001079389 _____ C:\Users\val\AppData\Local\Temp\driver.xml
2023-12-05 18:19 - 2023-07-02 10:08 - 000000000 ____D C:\Users\val\AppData\Local\Temp\MessagingPlugin
2023-12-05 18:19 - 2022-04-12 13:56 - 000000000 ____D C:\Program Files\Adobe
2023-12-05 18:19 - 2022-04-12 13:54 - 000000000 ____D C:\Program Files\Common Files\Adobe
2023-12-05 18:19 - 2017-12-25 10:20 - 000000000 ____D C:\ProgramData\Adobe
2023-12-05 18:19 - 2017-12-24 23:14 - 000000000 ____D C:\Users\val\AppData\Roaming\Adobe
2023-12-05 18:17 - 2023-01-18 16:14 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-12-05 18:17 - 2020-08-06 13:56 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-05 18:16 - 2017-12-24 23:14 - 000000000 __SHD C:\Users\val\IntelGraphicsProfiles
2023-12-04 21:45 - 2018-03-24 14:14 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\PowerPoint
2023-12-04 21:45 - 2017-12-25 10:31 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\Office
2023-12-04 20:53 - 2023-07-02 11:48 - 000000000 ____D C:\Users\val\AppData\Local\Temp\Outlook Logging
2023-12-04 20:36 - 2023-07-19 13:40 - 000000000 ____D C:\Users\val\AppData\Local\Temp\PhotoshopCrashes
2023-12-04 20:33 - 2017-12-27 15:02 - 000000000 ____D C:\Users\val\Documents\Fotky
2023-12-04 20:25 - 2023-08-05 11:14 - 000000000 ____D C:\Users\val\AppData\Local\Temp\notificationimages
2023-12-04 11:48 - 2017-12-27 15:27 - 000000000 ____D C:\Users\val\Documents\NFA
2023-12-04 08:42 - 2020-09-26 19:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-02 22:46 - 2020-08-22 15:07 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-02 22:44 - 2017-12-25 11:11 - 000000000 ____D C:\Users\val\AppData\Roaming\vlc
2023-12-02 20:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-01 20:39 - 2020-09-26 20:07 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-12-01 20:39 - 2020-09-26 20:07 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-12-01 20:37 - 2023-07-27 14:30 - 000000000 ____D C:\Users\val\AppData\Local\Temp\acrocef_low
2023-12-01 20:21 - 2020-09-26 20:07 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-12-01 12:53 - 2023-07-01 13:19 - 000000000 ____D C:\Users\val\AppData\Local\Temp\acrobat_sbx
2023-12-01 10:08 - 2017-12-25 10:37 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\Excel
2023-12-01 07:50 - 2017-12-25 09:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-24 18:30 - 2020-09-26 20:09 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-24 18:30 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-24 18:30 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-23 12:37 - 2017-12-25 10:31 - 000000000 ____D C:\Users\val\AppData\Roaming\Microsoft\Word
2023-11-22 17:01 - 2020-08-22 15:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-11-17 16:09 - 2017-02-10 12:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-11-17 15:26 - 2020-09-26 20:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-17 15:26 - 2020-09-20 08:52 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-17 15:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-17 15:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-17 15:25 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-17 15:21 - 2020-09-26 19:50 - 000437848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-17 15:21 - 2020-03-26 21:41 - 000000000 ____D C:\WINDOWS\TempInst
2023-11-16 18:37 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-16 18:37 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-16 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-16 18:36 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-16 18:36 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-16 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-16 18:36 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-16 09:35 - 2019-12-07 15:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-11-16 09:35 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-16 09:35 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-16 09:35 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-16 09:27 - 2020-09-26 19:50 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-16 08:41 - 2017-12-26 21:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-16 08:36 - 2017-12-26 21:37 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-14 18:18 - 2022-10-12 14:16 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-11-14 18:18 - 2022-10-12 14:16 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-11-14 18:18 - 2020-09-26 20:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-14 18:10 - 2017-02-10 12:37 - 000000000 ____D C:\ProgramData\Lenovo
2023-11-13 18:46 - 2020-09-26 20:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2023-11-13 18:46 - 2019-01-29 20:39 - 000005757 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2023-11-13 18:46 - 2017-02-10 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2023-11-13 18:46 - 2017-02-10 12:45 - 000000000 ____D C:\Program Files (x86)\Lenovo
2023-11-12 09:55 - 2023-10-15 11:46 - 000000000 ____D C:\Users\val\Documents\nová práce
2023-11-11 19:18 - 2020-08-24 13:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1EE9.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1E3B.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1DFA.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1DAA.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D7A.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D79.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D78.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D77.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D76.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D56.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D55.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D50.tmp
2023-11-11 14:54 - 2023-11-04 08:41 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD1D4F.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8CDE.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B56.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B46.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B45.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B34.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B23.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B22.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B21.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B20.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B1F.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B0F.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8B0E.tmp
2023-11-08 13:01 - 2023-11-01 09:42 - 000000000 ____D C:\Users\val\AppData\Local\Temp\TCD8AEE.tmp
2023-11-08 06:41 - 2018-05-15 07:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2023
Ran by val (05-12-2023 19:55:21)
Running from C:\Users\val\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) (2020-09-26 19:07:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-842312810-1200612737-2880215622-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-842312810-1200612737-2880215622-503 - Limited - Disabled)
Guest (S-1-5-21-842312810-1200612737-2880215622-501 - Limited - Disabled)
val (S-1-5-21-842312810-1200612737-2880215622-1001 - Administrator - Enabled) => C:\Users\val
WDAGUtilityAccount (S-1-5-21-842312810-1200612737-2880215622-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1801-000001000000}) (Version: 18.01.00.0 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Install Manager (HKLM\...\{CB17F29D-81FB-9BE1-F87A-682396B74EAB}) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0903.849.14039 - Advanced Micro Devices, Inc.)
Audio By Harman (HKLM\...\{F2DA805F-3FBD-4A4E-970F-5EE7027107EB}) (Version: 1.4.0.0 - Harman, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Canon LBP6230 6240 Uninstaller (HKLM\...\Canon LBP6230 6240) (Version: 6, 3, 1, 0 - Canon Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.74.0.5587 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{3a884fa0-0591-4b54-9aa2-442b4172ec32}) (Version: 13.74.0.5587 - Electronic Arts)
Google Chrome (HKLM\...\{B98EEA88-7820-3A65-A3AF-99A11D1A9D49}) (Version: 119.0.6045.200 - Google, Inc.)
Intel(R) Chipset Device Software (HKLM\...\{3AAD3A73-0D6A-4EFE-93FC-7719DC6C89E4}) (Version: 10.1.1.37 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{C72F5F83-E423-4634-A41F-1E509F2DFAF0}) (Version: 11.6.0.1025 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Hidden
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo App Explorer (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Host App Service) (Version: 0.273.4.694 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.7 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.02.25 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.72.0 - Lenovo Group Ltd.)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\Teams) (Version: 1.5.00.2164 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31938 (HKLM-x32\...\{d92971ab-f030-43c8-8545-c66c818d0e05}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31938 (HKLM-x32\...\{4f84f2dc-3f70-433a-8f50-8293e0089b0f}) (Version: 14.34.31938.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31938 (HKLM\...\{7DA37AE3-D8AE-49B1-9BDC-23CA0AB9FF22}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31938 (HKLM\...\{0AE39060-F209-4D05-ABC7-54B8F9CFA32E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31938 (HKLM-x32\...\{080D8397-60F4-44B3-BB95-FBB950CB0B4E}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31938 (HKLM-x32\...\{8DE5B0D4-A6D8-4F72-B8EF-28776A2EE5D5}) (Version: 14.34.31938 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 120.0.1 (x64 cs)) (Version: 120.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Signal 1.31.0 (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\{7d96caee-06e6-597c-9f2f-c7bb2e0948b4}) (Version: 1.31.0 - Open Whisper Systems)
Signal 6.39.1 (HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 6.39.1 - Signal Messenger, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.3961 - Microsoft Corporation)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.102.190.1030 - Electronic Arts Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update6 - IDRIX)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-14] ()
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2023-10-03] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-13] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2310.18.0_x64__k1h2ywk1493x8 [2023-11-09] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-09-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Polarr Pro Photo Editor -> C:\Program Files\WindowsApps\613EBCEA.PolarrPhotoEditorAcademicEdition_5.11.5.0_x64__jb41c8remg0x2 [2023-06-26] (Polarr)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0 [2023-11-24] (Spotify AB) [Startup Task]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-12-24] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21348.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{23066764-9BDD-4FBD-8B1F-F4547CF2684F}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\18.070.0405.0002\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\val\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\val\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-842312810-1200612737-2880215622-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\val\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-09-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igfxDTCM.dll [2016-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-28] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\val\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\nfa.cz - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2015-06-25 15:53 - 2015-06-25 15:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-03-23 15:40 - 2013-01-31 18:21 - 000152064 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCENPM6.dll
2018-01-28 20:00 - 2018-01-28 20:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 16:15 - 2015-06-25 16:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 16:17 - 2015-06-25 16:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 16:20 - 2015-06-25 16:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 16:21 - 2015-06-25 16:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 16:14 - 2015-06-25 16:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 11:58 - 2015-07-02 11:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 16:03 - 2015-06-25 16:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 04:13 - 2015-06-25 04:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 16:00 - 2015-06-25 16:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 16:23 - 2015-06-25 16:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 16:28 - 2015-06-25 16:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 16:16 - 2015-06-25 16:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 16:08 - 2015-06-25 16:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 16:58 - 2015-06-25 16:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 15:59 - 2015-06-25 15:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2023-11-29 18:43 - 2023-11-29 18:43 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__180825
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-842312810-1200612737-2880215622-1001 -> DefaultScope {BAA2ABC8-5D68-4F5C-8B3D-CC5ED7EBEF29} URL =
SearchScopes: HKU\S-1-5-21-842312810-1200612737-2880215622-1001 -> {BAA2ABC8-5D68-4F5C-8B3D-CC5ED7EBEF29} URL =
SearchScopes: HKU\S-1-5-21-842312810-1200612737-2880215622-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10454__180825&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-10-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-27] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\sharepoint.com -> hxxps://ffuk-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-842312810-1200612737-2880215622-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2019-01-11 18:29 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-26 12:35 - 2019-02-26 14:33 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-842312810-1200612737-2880215622-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\val\Documents\cats.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{53DF42F1-7561-43C9-A2A5-111BC6F77278}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A48785E6-B1BB-4A2C-81A5-648D87238E8E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EF8B2468-B47B-48B8-8D56-557AE368D952}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{752A8094-6B82-48EA-AA81-73AE0270DF53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{C46D789A-9EED-4B8D-9827-BF6F768B6A6D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{657C836C-3C7A-4B98-B061-7614D1F8997E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{FB8FFB3A-2D27-40A0-AC51-BE1616AEA0C2}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [TCP Query User{7B5E70FE-8D1B-4379-9A10-D4B6F72774F7}C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe] => (Block) C:\program files (x86)\steam\steamapps\common\sid meier's civilization v\civilizationv.exe (Valve Corp. -> Firaxis Games)
FirewallRules: [{29EF7F6D-2E43-4708-870F-8730C45877FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{B3A9DC44-5009-45D9-9BD4-4801DDBC38E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{04FF5544-5655-4A00-810E-B5F7EDECCFCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{4CC2DEC2-E897-434B-BD28-C510E0B03B19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe (Firaxis Games) [File not signed]
FirewallRules: [{D9B5A20B-9552-4EE7-BF60-2EE583EAD73A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{168EB396-4590-4FA1-8567-304B97DC186A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{14118108-3FBA-4B04-9D53-5A725AEC0964}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3F5C655A-9E35-48F7-8002-A70C845674F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D6E560A5-308F-47AB-9414-4BF197B13977}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FAFC57BD-CA6C-4D53-9EEC-6E31B8F2B56F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{12ABF23A-93B9-49E2-856E-8C3D66A08A3C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C5492852-B4B6-4FCE-84B7-5E4070DD5ED6}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{E873DBE2-EC41-4E6D-BC36-F465A46083C6}C:\users\val\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\val\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [UDP Query User{86553A20-A17A-4951-8809-F257222AC8C7}C:\users\val\appdata\roaming\utorrent web\utweb.exe] => (Block) C:\users\val\appdata\roaming\utorrent web\utweb.exe => No File
FirewallRules: [TCP Query User{B45D1FC0-316F-4E0C-818D-8F7D707AC211}C:\users\val\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\val\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{D9349506-7338-4F03-B9B2-8143C4C7B6C2}C:\users\val\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\val\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{21446445-A19F-40DF-A39A-09A702AAA122}C:\users\val\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\val\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{0209C036-5747-4181-8E11-687342457D9D}C:\users\val\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\val\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9E7208B0-A883-4B8B-BF44-37AC0E35ABDB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{BB1CAF69-D086-4F3C-9D21-236732DBD3D4}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AD973968-9A3B-4164-999A-DCEF5A392054}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{D74321A8-E482-473A-B43D-37DDB05EDC25}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{A7C5DD3E-1932-481B-927A-49103E5F1C4D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6B2ED506-A55B-4C7F-A524-5311C4AEE812}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0784A71A-059C-4C48-A825-969E9167380A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7BE35DCF-154E-4B25-9DF6-15CDC3B8004E}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{DD570DE4-230A-4F07-BEBD-22177573F358}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{95F4FE4B-DA8C-4140-B823-143225E7DC60}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{A8567441-0E2E-4B3B-A51F-A720993B4159}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8220787E-8AC7-4FD4-98F6-4A6AE1F5417D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{67F1957F-002E-4BB2-93A4-F526CCDCC576}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{42B3FEC4-C9C2-4B1D-B8BC-D66BAF771B59}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{03145C7E-0F85-474D-8EA0-E5A1C221B4B0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{54637E42-58BD-41C9-B413-C842F48FA693}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C66A9FAE-3627-4BF0-BF8A-1C9A170E4316}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6F906116-9B26-4DAA-9C07-EE13FC097797}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{098853C6-91A2-447A-B1AA-A4A13C2635B8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{5D4C382F-4067-40E1-8281-210FC89D88E8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{746F4570-051E-473A-8D11-A3475CCBBBCA}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{F4DC37BF-5716-4106-B445-D355008C45A2}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{3D90B81F-5F95-40A8-ACEF-62E186E04C99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0B21C83D-0417-48F1-85A8-CC647699A948}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EE392F9-2662-417B-BBBF-14E098722CD2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B1278983-1B81-47BD-B423-D06B4763F3F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9A931F76-13AC-41A4-8F58-686608E023A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A7BDDB7-6ED2-4058-8D3B-2B45EFDF285E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{738FF13D-E7C4-4830-B8E8-57AF903E81D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E2B1A7FF-9C65-4CB4-A26A-49F5F74658A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D104DB60-538E-4077-B8CC-F9961A08268F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B0972D0-961C-4DB4-B02A-2E80A1EE62FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E72FD571-BACA-492C-BBC6-550C0BA84340}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E779D73F-911F-4263-AAC7-2189EA8DD442}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD0E9406-8493-4970-BB81-54223A6D7503}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53954438-B09E-4F3B-9B48-EE186F87BC97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E7D423F-8333-4CDD-8248-B2BE886FAD8D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D440EBC-0F24-4431-BC83-E4EB61B38C13}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
03-12-2023 15:33:14 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/05/2023 07:44:45 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/04/2023 07:44:45 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/04/2023 06:35:22 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/03/2023 01:01:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1648, časové razítko: 0x57cac657
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0x19c4
Čas spuštění chybující aplikace: 0x01da25690b1edcda
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: 9ccc2f73-12d4-4297-b5fd-f632b1623525
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/02/2023 08:21:35 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/01/2023 08:23:37 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (12/01/2023 12:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonSettings.exe, verze: 10.1.1.1648, časové razítko: 0x57cac657
Název chybujícího modulu: Qt5Core.dll, verze: 5.5.0.0, časové razítko: 0x558c6b3a
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001ca39e
ID chybujícího procesu: 0xebc
Čas spuštění chybující aplikace: 0x01da242245a07105
Cesta k chybující aplikaci: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Cesta k chybujícímu modulu: C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
ID zprávy: ca5d64a2-a0a0-4c7d-8bb1-0646fd08c432
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/01/2023 07:50:15 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
System errors:
=============
Error: (12/05/2023 06:57:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby AdaptiveSleepService bylo dosaženo časového limitu (30000 ms).
Error: (11/22/2023 09:23:38 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SRKCKE8G)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/19/2023 09:37:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SRKCKE8G)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/18/2023 07:53:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SRKCKE8G)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/17/2023 03:26:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba avast! Tools závisí na službě avast! Antivirus, která neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/17/2023 03:26:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba avast! Antivirus neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/17/2023 03:26:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStm neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/17/2023 03:26:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastWscReporter neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2023-12-04 20:39:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win64/CryptInject
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\ServiceInstaller.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\ServiceInstaller.msi
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:06
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Casdet!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\StartupCheck.vbs
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CoinMiner!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Date: 2023-12-04 20:39:03
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:VBS/Tnega!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Windows\System32\Maintenance.vbs
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-SRKCKE8G\val
Název procesu: C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
Verze bezpečnostních informací: AV: 1.401.1643.0, AS: 1.401.1643.0, NIS: 1.401.1643.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Event[0]:
Date: 2023-08-30 06:16:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.395.1577.0;1.395.1577.0
Verze modulu: 1.1.23070.1005
Date: 2023-08-29 19:11:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.395.1499.0;1.395.1499.0
Verze modulu: 1.1.23070.1005
Date: 2023-08-10 20:16:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.395.68.0;1.395.68.0
Verze modulu: 1.1.23070.1005
CodeIntegrity:
===============
Date: 2023-12-05 18:20:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2848511bc3f67d29\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 2SCN28WW(V2.08) 08/14/2018
Motherboard: LENOVO Lenovo ideapad 510S-14IKB
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 50%
Total physical RAM: 8035.01 MB
Available physical RAM: 3999.03 MB
Total Virtual: 11828.48 MB
Available Virtual: 6750.23 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:198.95 GB) (Free:33.23 GB) (Model: SAMSUNG MZ7LN256HMJP-000L2) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.25 GB) (Model: SAMSUNG MZ7LN256HMJP-000L2) NTFS
\\?\Volume{2fcaa96b-d383-4b6d-b146-2268c1533b18}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.37 GB) NTFS
\\?\Volume{87a78d60-e853-41dc-82fd-e82f23dfe57a}\ (LENOVO_PART) (Fixed) (Total:12.3 GB) (Free:1.55 GB) NTFS
\\?\Volume{ed3555ae-147d-4b93-825c-e4a824f1251c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BEA91B5B)
Partition: GPT.
==================== End of Addition.txt =======================
