Kontrola logu
Napsal: 06 pro 2024 19:46
Dobrý den,
prosím o kontrolu logu ještě u tohoto počítače, je velmi pomalý, samovolně se vypíná prohlížeč Seznam.cz. Je tento prohlížeč bezpečný ? Níže logy z ADW a FRST:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-06-2024
# Duration: 00:00:42
# OS: Windows 11 (Build 22631.3737)
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Miloš Marčík\AppData\Local\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1932 octets] - [06/12/2024 19:20:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by Miloš Marčík (administrator) on LAPTOP-F901P80G (LENOVO 81NG) (06-12-2024 19:26:46)
Running from C:\Users\Miloš Marčík\Downloads\FRST64.exe
Loaded Profiles: Miloš Marčík
Platform: Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <34>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_b117548b2e075ba1\aesm_service.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.5.127.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_3\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [881440 2019-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427816 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Run: [sznAgent] => C:\Users\Miloš Marčík\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe [168296 2024-08-12] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Run: [MicrosoftEdgeAutoLaunch_5FC1D94A0E061FED51A13A98774E7F57] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883576 2024-06-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Run: [AvastBrowserAutoLaunch_1B00B96191D1CB58BD82771BDE6E3773] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3171424 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG4200 series: C:\WINDOWS\system32\CNMLMB9.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\130.0.27176.93\Installer\chrmstp.exe [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2024-12-06]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" could not be unlocked. <==== ATTENTION
Task: {9327452F-AA54-4313-981E-EDE6C153676E} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {127D0B43-4B1A-4C7D-8594-48DB18EFDFEC} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3171424 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {D8C5849D-B115-4169-93D2-33C90FEBC9B4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3171424 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {52EEDEAF-776C-449A-82AD-FE16C4863E8F} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8289064 2024-11-13] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {52514AED-F6A9-4AC4-BD57-60985236F6A0} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5209384 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {ED516C09-277E-4CA5-98AE-EE20191327BC} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5974312 2024-12-06] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {0D822DC6-83D7-48A9-AABD-7EC1AD8BC00F} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [3914536 2024-12-06] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {64DC51D9-AABB-48D4-922D-7C3F1C5962E2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [8289064 2024-11-12] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {54599634-05BC-446E-B7F9-728F6C9B898B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {78BE474E-0075-4F05-A314-3443AE32AD81} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {67433AD0-75C8-4047-94D2-A0A88A1269D8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B20EEAF4-928F-499D-B187-F5018568D5C2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F6CD35F5-223B-4688-84CE-A13306EE82D8} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {B228150F-B854-4A59-8D14-EF9CCC292B20} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {30382710-843B-4FFE-A06B-A131F16DED0E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\14f65362-9f3c-40ee-bdd1-52fcdb2b6005 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {413DFC39-589C-4E7E-8943-3EC930C39602} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\532210af-6953-4d26-b9e3-bd89cde5e0de => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {7D2E5427-97E5-42D8-B498-4AB0A6270FB7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\698c03fc-ba71-442a-82b3-77f9bab79bd4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {17396FF8-039E-44A7-83E2-8E74FB7912C0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\72e10c42-8d1e-418d-9c2b-17cfa1c63318 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0EE60389-7331-49E6-ADFC-13646C85C4BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f3b45b66-7bbd-4377-a013-ad4f582af890 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {AC2E480C-0E06-49B6-99FE-FB4D6D1AE626} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {5CC7A1E0-AFA3-43AA-8AE0-397EE0D52031} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {97DE0794-0E79-47F3-A39D-F0764E9CA82D} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {DDD5987C-4042-40B2-852F-B74FD08C92FE} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {E0CA12DC-F486-46A8-A029-722713DA4A4C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {EF868470-A2BE-4702-AFA5-B4D15ECF0A1B} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {651821EA-0670-42A0-AD88-A4FF1ACB7EF5} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {5792B026-1889-44A0-BE11-F05594F70A5E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {FCAEB230-CB9E-4CEE-94B5-E419E6BA6183} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {54D1E98B-8539-4FD0-8F76-E4D8AFB204AD} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {E5CFD445-6F16-4784-A3F0-375D9A34A8F1} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {25B66D82-ECD2-4DBE-AFDB-D6E08D1A6264} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {A9B40DB8-827E-4B6D-9124-9A9301AB0F4A} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {84A444D5-70F7-44C6-9F06-22B10CC08F82} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.181\x64\IdleScheduleEventAction.exe [143768 2024-11-01] (Lenovo -> )
Task: {39C38B6B-BFB6-472A-A4A3-071284EF6D2C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {D3F1C191-FB61-4E50-818A-2F4C9C1235C8} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {62563578-A2F2-41DE-B0A5-237716683257} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\uninstall.exe [340968 2024-09-12] (Lenovo -> Lenovo)
Task: {C9CDDEEB-BCFE-419C-9272-181CC1E58460} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe [5472312 2024-06-29] (Microsoft Windows -> Microsoft Corporation)
Task: {687E2E6A-D032-4DBC-B4FA-058C5BAA1C9C} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4565048 2024-01-23] (McAfee, LLC -> McAfee, LLC)
Task: {D89B0054-BFD1-4924-85D8-F158D4060160} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.117\DADUpdater.exe [4098112 2024-05-22] (McAfee, LLC -> McAfee, LLC)
Task: {00FDB4ED-23DA-4A2B-9F4C-DA9F6415FE6C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072968 2020-03-23] (McAfee, LLC -> McAfee, LLC)
Task: {F632A95B-5C4F-4B6D-855B-D29ACC6D9988} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761528 2020-03-29] (McAfee, LLC -> McAfee, LLC.)
Task: {3A09CCEE-C46A-4837-BF9E-45258553B6AB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCFEE827-D008-44BB-ADBA-F355BF33D71B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {C54746D3-E1D8-4888-9D4B-9C6E198D6EBB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF010D7E-16FE-4B7B-94F0-B501B8F35CCF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {6ADD9AA8-3F8C-42D0-97EC-96428B739D26} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {CCE5C67E-B1FA-401C-A2C4-85EDE3F0D66D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {68722AE4-7FD1-47CF-9706-57EB14878FB0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {EBF1D940-ECEB-493A-B4E0-E176B4DC9459} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {42BF8062-1A40-41C1-A9B1-811EB85AE6DF} - System32\Tasks\S-1-5-21-4128794808-1625656583-1006771146-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}: [DhcpDomain] home
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}\65F6461666F6E65602237484A7: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}\65F6461666F6E65602237484A7: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2021-09-26] <==== ATTENTION
Edge Profile: C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-06]
Edge DownloadDir: Default -> C:\Users\Miloš Marčík\Downloads
Edge Extension: (Dokumenty Google offline) - C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2024-12-04] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-04-18] (McAfee, LLC -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-04-18] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7308072 2024-12-05] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776488 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2362664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1222952 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\130.0.27176.93\elevation_service.exe [1880632 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-12-05] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
S2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [82792 2019-05-12] (Synaptics Incorporated -> Conexant Systems LLC.)
S2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1641416 2019-05-13] (Dolby Laboratories, Inc. -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-06-15] (HP Inc. -> HP Inc.)
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe [34256 2024-09-12] (Lenovo -> Lenovo)
S2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1643688 2019-05-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2024-12-04] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_3\McApExe.exe [765184 2020-04-24] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [460704 2019-08-14] (McAfee, LLC. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.5.127.0\McCSPServiceHost.exe [2687592 2020-04-10] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1161032 2022-07-14] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-02-20] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-02-20] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-02-20] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1738176 2020-03-24] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1371456 2020-04-01] (McAfee, LLC -> McAfee, LLC)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12779816 2024-12-06] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [234056 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [383040 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296008 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84552 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28736 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274504 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [550984 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97864 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69184 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [954944 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1424448 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203848 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381512 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [80696 2024-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [174864 2024-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-04-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-04-12] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226496 2020-03-23] (McAfee, LLC -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [528824 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [381360 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86144 2020-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522168 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [999352 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595592 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108168 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116872 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2023-06-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-15] (Microsoft Windows -> Microsoft Corporation)
R3 aswArDisk; no ImagePath
S3 MpKsl2d2c3b86; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S3 MpKsl350d24e4; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S3 MpKsla0ca24b2; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S3 MpKsle481038e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-06 19:26 - 2024-12-06 19:27 - 000033113 _____ C:\Users\Miloš Marčík\Downloads\FRST.txt
2024-12-06 19:26 - 2024-12-06 19:27 - 000000000 ____D C:\FRST
2024-12-06 19:25 - 2024-12-06 19:26 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\FRST64.exe
2024-12-06 19:24 - 2024-12-06 19:24 - 000001640 _____ C:\Users\Miloš Marčík\Desktop\241206 ADW.txt
2024-12-06 19:19 - 2024-12-06 19:21 - 000000000 ____D C:\AdwCleaner
2024-12-06 19:19 - 2024-12-06 19:19 - 008790880 _____ (Malwarebytes) C:\Users\Miloš Marčík\Downloads\AdwCleaner.exe
2024-12-06 19:19 - 2024-12-06 19:19 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 696476.crdownload
2024-12-06 19:19 - 2024-12-06 19:19 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 487730.crdownload
2024-12-06 19:15 - 2024-12-06 19:15 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 433995.crdownload
2024-12-06 19:13 - 2024-12-06 19:13 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 491837.crdownload
2024-12-06 19:09 - 2024-12-06 19:09 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2024-12-06 19:09 - 2024-12-06 19:09 - 000002148 _____ C:\Users\Public\Desktop\Avast SecureLine VPN.lnk
2024-12-06 19:07 - 2024-12-06 19:07 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 847549.crdownload
2024-12-06 19:07 - 2024-12-06 19:07 - 000002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2024-12-06 19:07 - 2024-12-06 19:07 - 000002133 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2024-12-06 19:06 - 2024-12-05 14:54 - 000315688 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-12-06 19:00 - 2024-12-06 19:00 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 806923.crdownload
2024-12-06 19:00 - 2024-12-06 19:00 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 733754.crdownload
2024-12-06 18:58 - 2024-12-06 18:58 - 000249072 _____ (Gen Digital Inc.) C:\Users\Miloš Marčík\Downloads\online_instalační_soubor_aplikace_avast_free_antivirus (1).exe
2024-12-06 15:16 - 2024-12-06 15:29 - 000000000 ____D C:\Users\Miloš Marčík\Desktop\Nová složka 127
2024-12-06 08:46 - 2024-12-06 08:46 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2024-12-06 08:46 - 2024-12-06 08:46 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2024-12-06 08:44 - 2024-12-06 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2024-12-05 14:56 - 2024-12-05 14:56 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-12-05 14:56 - 2024-12-05 14:56 - 000002496 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2024-12-05 14:56 - 2024-12-05 14:56 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Roaming\Avast Software
2024-12-05 14:55 - 2024-12-06 19:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-12-05 14:55 - 2024-12-05 14:57 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Local\AVAST Software
2024-12-05 14:55 - 2024-12-05 14:55 - 000003844 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2024-12-05 14:55 - 2024-12-05 14:55 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2024-12-05 14:55 - 2024-12-05 14:55 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2024-12-05 14:55 - 2024-12-05 14:55 - 000003260 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2024-12-05 14:55 - 2024-12-05 14:55 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2024-12-05 14:54 - 2024-12-06 19:09 - 000000000 ____D C:\ProgramData\Avast Software
2024-12-05 14:54 - 2024-12-06 19:09 - 000000000 ____D C:\Program Files\Avast Software
2024-12-05 14:54 - 2024-12-05 14:54 - 000050976 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2024-12-05 14:54 - 2024-12-05 14:54 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-12-05 14:53 - 2024-12-05 14:53 - 000249072 _____ (Gen Digital Inc.) C:\Users\Miloš
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-06 19:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-06 19:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-06 19:12 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-12-06 19:06 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-12-06 18:52 - 2023-04-12 17:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-06 18:17 - 2020-05-24 07:34 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Roaming\Microsoft\Excel
2024-12-06 18:17 - 2020-05-24 02:08 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Roaming\Microsoft\Word
2024-12-06 14:58 - 2020-03-08 07:16 - 000000000 ____D C:\ProgramData\Goodix
2024-12-06 08:46 - 2023-04-12 17:35 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-06 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-06 08:42 - 2020-10-18 16:13 - 000012516 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2024-12-06 08:42 - 2020-05-11 06:35 - 000000000 ___RD C:\Users\Miloš Marčík\OneDrive
2024-12-06 08:42 - 2020-03-08 07:14 - 000000000 ____D C:\WINDOWS\CxSvc
2024-12-06 08:41 - 2023-04-12 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-06 08:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-12-06 08:41 - 2021-02-20 22:27 - 000012288 ___SH C:\DumpStack.log.tmp
2024-12-06 08:41 - 2020-05-11 06:33 - 000000000 __SHD C:\Users\Miloš Marčík\IntelGraphicsProfiles
2024-12-06 08:41 - 2020-03-08 05:54 - 000000000 ___HD C:\Intel
2024-12-05 22:55 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-12-05 14:58 - 2021-10-05 13:45 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Local\D3DSCache
2024-12-04 19:52 - 2023-04-12 17:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4128794808-1625656583-1006771146-1001
2024-12-04 19:52 - 2023-04-12 17:25 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4128794808-1625656583-1006771146-1001
2024-12-04 19:52 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-04 19:52 - 2021-02-20 22:27 - 000002413 _____ C:\Users\Miloš Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-03 18:47 - 2020-05-11 06:33 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Local\Packages
2024-12-02 15:52 - 2024-10-04 10:52 - 000000000 ____D C:\Users\Miloš Marčík\Desktop\Přehledy Pražské vycházky a jiné - kopie
2024-12-01 22:07 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-11-24 17:21 - 2023-04-12 17:25 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 17:21 - 2023-04-12 17:25 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-21 11:08 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-06 19:58 - 2024-08-16 19:53 - 000000000 ____D C:\Users\Miloš Marčík\Desktop\Česko - francouzský slovník
==================== Files in the root of some directories ========
2022-02-02 14:07 - 2022-02-02 14:07 - 000000544 _____ () C:\Program Files (x86)\LMIR0C070001.tmp_r.bat
2022-02-02 14:34 - 2022-02-02 14:34 - 000000780 _____ () C:\Users\Miloš Marčík\AppData\Local\LMIR0C05D001.tmp.bat
2022-02-02 14:34 - 2022-02-02 14:34 - 000000577 _____ () C:\Users\Miloš Marčík\AppData\Local\LMIR0C05D001.tmp_r.bat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Miloš Marčík (06-12-2024 19:30:30)
Running from C:\Users\Miloš Marčík\Downloads
Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) (2023-04-12 16:27:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4128794808-1625656583-1006771146-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4128794808-1625656583-1006771146-503 - Limited - Disabled)
Guest (S-1-5-21-4128794808-1625656583-1006771146-501 - Limited - Disabled)
Miloš Marčík (S-1-5-21-4128794808-1625656583-1006771146-1001 - Administrator - Enabled) => C:\Users\Miloš Marčík
WDAGUtilityAccount (S-1-5-21-4128794808-1625656583-1006771146-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.11.9615.2285 - Gen Digital Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 130.0.27176.93 - Gen Digital Inc.)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.11.10832.13952 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
Intel(R) Chipset Device Software (HKLM\...\{351A0D24-F6F1-4105-AA50-5D2CCC71E0DD}) (Version: 10.1.18019.8144 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.24.0 - Lenovo Group Ltd.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R25 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.81 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.17726.20126 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\f9a89bd2a46a7606) (Version: 17.0.4589.1 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20090 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Prohlížeč Seznam.cz (HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Seznam Browser) (Version: 6.24.3 - Seznam.cz a.s.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.990 - McAfee, LLC)
Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-06-09] (INTEL CORP) [Startup Task]
Dolby Audio Speaker System -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudioSpeakerSystem_3.20402.409.0_x64__rz1tebttyb220 [2020-03-08] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-02] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_146.2.1055.0_x64__v10z8vjag6ke6 [2023-06-24] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2305.16.0_x64__k1h2ywk1493x8 [2023-06-11] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-06-30] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-04-27] (Microsoft Corp.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-03-03] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.183.0_x64__dt26b99r8h8gj [2020-03-08] (Realtek Semiconductor Corp)
SmartAudio 3 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.39.0_x64__qt57b6kdvhcfw [2020-03-08] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-07-06] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4128794808-1625656583-1006771146-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Miloš Marčík\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.28402\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4128794808-1625656583-1006771146-1001 -> DefaultScope {763C2C2F-AAF4-4EA3-89BC-94C7CDB394E8} URL =
SearchScopes: HKU\S-1-5-21-4128794808-1625656583-1006771146-1001 -> {763C2C2F-AAF4-4EA3-89BC-94C7CDB394E8} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-21] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-02-18 14:02 - 2022-02-23 17:17 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Miloš Marčík\Desktop\Adámkovy 4. narozeniny (19).JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Wireless-AC 9560 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{75268261-E71A-4C97-BA7C-DFAA6E4E8E47}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{570D99C6-0A67-4288-B510-866D49001A4C}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{341C5D69-4A3A-4C5C-8824-E96BAEB4A8D9}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [TCP Query User{ECECE607-E8EB-4377-BF88-5493B5CD460E}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [UDP Query User{61ECD7ED-9CA4-4B94-960D-7F8410D131FD}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [{8B8701C0-061C-488F-9C33-6F456F2AAB2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A79D49F-3950-48BC-9B8E-1C1DA4815960}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{18B161C7-2800-4C53-8497-6195B8C506AD}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [UDP Query User{60151FF4-085B-46E8-9C07-72DB42AC0838}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [{993DF51E-07CD-41FF-B627-6E0AEC5B9E85}] => (Allow) C:\Users\Miloš Marčík\AppData\Local\Temp\7zS3A14\HP.EasyStart.exe => No File
FirewallRules: [{F809A6EF-0BC3-425C-BA7B-616AD6778C2A}] => (Allow) C:\Users\Miloš Marčík\AppData\Local\Temp\7zS0B3E\HP.EasyStart.exe => No File
FirewallRules: [{4E0492DD-06B0-4E7E-9AF6-9538673CB5D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F88A0DCD-711A-4645-BFDD-4FB8C46D08F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6CD733E1-9E6D-4AC6-9F9C-3AAD6E920A03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3F38FD0-D7C0-424C-B801-BD9F396572D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39111FBD-5F1F-4BAF-B55A-0B365F0E83E0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8DDE01C-4B13-43BF-AB22-EE7EF2F85770}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA27E99F-C368-4DA8-A597-109828471182}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15F2D261-A3C2-41D0-91F3-D34B3AFA02CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61ECFF09-BE8D-49B9-B41B-69E96D464C8C}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9218A57-26FB-4D7E-9423-0CD4751CE572}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB514861-D89B-40E6-9356-31B21525CCA1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.402.3249.3850_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9FFC307D-8BDF-4691-82AB-785633EF5D28}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.402.3249.3850_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EDA86F9-4402-48D8-A0F2-A91C6EB22DDA}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{F4A7CA55-7067-4B49-9623-85DF011FE4DA}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{24E16993-936E-484B-A300-3442BE19E106}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{03DC1104-A344-471F-9486-D857173C6CDE}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{0EA384AD-540C-49B6-95F7-ED5BBD8472B3}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
==================== Restore Points =========================
16-11-2024 19:08:49 Naplánovaný kontrolní bod
24-11-2024 18:03:16 Naplánovaný kontrolní bod
01-12-2024 18:18:38 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/06/2024 09:11:45 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 09:11:44 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 09:11:43 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 09:11:42 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:49 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:48 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:47 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:46 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
System errors:
=============
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CxUIUSvc Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast SecureLine VPN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Graphics Command Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2024-12-05 11:50:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1854624C-7831-4BB2-A8F5-9C53EC77B1FB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-03 10:28:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A432EECD-A9A7-4FBE-A418-960E11B789B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-02 12:40:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8495F183-58A7-40E0-AAD7-6F0FCEEF280C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-30 10:43:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A75F289B-7209-4D7F-8551-F6081E673461}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 10:34:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB615DE2-8930-4427-AB47-772CEAB70305}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2024-12-06 19:07:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO CNCN20WW 12/30/2021
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 66%
Total physical RAM: 8020.48 MB
Available physical RAM: 2656.13 MB
Total Virtual: 9620.48 MB
Available Virtual: 3993.34 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:345.9 GB) (Model: Micron MTFDHBA512TCK) NTFS
Drive e: (Elements) (Fixed) (Total:931.48 GB) (Free:356.84 GB) (Model: WD Elements 2621 USB Device) NTFS
\\?\Volume{d378f993-32f2-4c52-837b-6575331c0905}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.14 GB) NTFS
\\?\Volume{7e2f136c-7150-4eef-8b77-61717a26edbc}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: EF51F02D)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==================== End of Addition.txt =======================
prosím o kontrolu logu ještě u tohoto počítače, je velmi pomalý, samovolně se vypíná prohlížeč Seznam.cz. Je tento prohlížeč bezpečný ? Níže logy z ADW a FRST:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-06-2024
# Duration: 00:00:42
# OS: Windows 11 (Build 22631.3737)
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Miloš Marčík\AppData\Local\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1932 octets] - [06/12/2024 19:20:12]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by Miloš Marčík (administrator) on LAPTOP-F901P80G (LENOVO 81NG) (06-12-2024 19:26:46)
Running from C:\Users\Miloš Marčík\Downloads\FRST64.exe
Loaded Profiles: Miloš Marčík
Platform: Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <34>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_b117548b2e075ba1\aesm_service.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.5.127.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_3\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [881440 2019-06-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427816 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Run: [sznAgent] => C:\Users\Miloš Marčík\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe [168296 2024-08-12] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Run: [MicrosoftEdgeAutoLaunch_5FC1D94A0E061FED51A13A98774E7F57] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883576 2024-06-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Run: [AvastBrowserAutoLaunch_1B00B96191D1CB58BD82771BDE6E3773] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3171424 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG4200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDB9.DLL [30208 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG4200 series: C:\WINDOWS\system32\CNMLMB9.DLL [389120 2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\130.0.27176.93\Installer\chrmstp.exe [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2024-12-06]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" could not be unlocked. <==== ATTENTION
Task: {9327452F-AA54-4313-981E-EDE6C153676E} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {127D0B43-4B1A-4C7D-8594-48DB18EFDFEC} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3171424 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {D8C5849D-B115-4169-93D2-33C90FEBC9B4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3171424 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {52EEDEAF-776C-449A-82AD-FE16C4863E8F} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8289064 2024-11-13] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {52514AED-F6A9-4AC4-BD57-60985236F6A0} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5209384 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {ED516C09-277E-4CA5-98AE-EE20191327BC} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5974312 2024-12-06] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {0D822DC6-83D7-48A9-AABD-7EC1AD8BC00F} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [3914536 2024-12-06] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {64DC51D9-AABB-48D4-922D-7C3F1C5962E2} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [8289064 2024-11-12] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {54599634-05BC-446E-B7F9-728F6C9B898B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {78BE474E-0075-4F05-A314-3443AE32AD81} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {67433AD0-75C8-4047-94D2-A0A88A1269D8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {B20EEAF4-928F-499D-B187-F5018568D5C2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F6CD35F5-223B-4688-84CE-A13306EE82D8} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {B228150F-B854-4A59-8D14-EF9CCC292B20} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {30382710-843B-4FFE-A06B-A131F16DED0E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\14f65362-9f3c-40ee-bdd1-52fcdb2b6005 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {413DFC39-589C-4E7E-8943-3EC930C39602} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\532210af-6953-4d26-b9e3-bd89cde5e0de => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {7D2E5427-97E5-42D8-B498-4AB0A6270FB7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\698c03fc-ba71-442a-82b3-77f9bab79bd4 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {17396FF8-039E-44A7-83E2-8E74FB7912C0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\72e10c42-8d1e-418d-9c2b-17cfa1c63318 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0EE60389-7331-49E6-ADFC-13646C85C4BF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f3b45b66-7bbd-4377-a013-ad4f582af890 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {AC2E480C-0E06-49B6-99FE-FB4D6D1AE626} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {5CC7A1E0-AFA3-43AA-8AE0-397EE0D52031} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {97DE0794-0E79-47F3-A39D-F0764E9CA82D} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {DDD5987C-4042-40B2-852F-B74FD08C92FE} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {E0CA12DC-F486-46A8-A029-722713DA4A4C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {EF868470-A2BE-4702-AFA5-B4D15ECF0A1B} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {651821EA-0670-42A0-AD88-A4FF1ACB7EF5} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {5792B026-1889-44A0-BE11-F05594F70A5E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {FCAEB230-CB9E-4CEE-94B5-E419E6BA6183} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {54D1E98B-8539-4FD0-8F76-E4D8AFB204AD} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {E5CFD445-6F16-4784-A3F0-375D9A34A8F1} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {25B66D82-ECD2-4DBE-AFDB-D6E08D1A6264} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {A9B40DB8-827E-4B6D-9124-9A9301AB0F4A} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {84A444D5-70F7-44C6-9F06-22B10CC08F82} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.181\x64\IdleScheduleEventAction.exe [143768 2024-11-01] (Lenovo -> )
Task: {39C38B6B-BFB6-472A-A4A3-071284EF6D2C} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {D3F1C191-FB61-4E50-818A-2F4C9C1235C8} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {62563578-A2F2-41DE-B0A5-237716683257} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\uninstall.exe [340968 2024-09-12] (Lenovo -> Lenovo)
Task: {C9CDDEEB-BCFE-419C-9272-181CC1E58460} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe [5472312 2024-06-29] (Microsoft Windows -> Microsoft Corporation)
Task: {687E2E6A-D032-4DBC-B4FA-058C5BAA1C9C} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4565048 2024-01-23] (McAfee, LLC -> McAfee, LLC)
Task: {D89B0054-BFD1-4924-85D8-F158D4060160} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.117\DADUpdater.exe [4098112 2024-05-22] (McAfee, LLC -> McAfee, LLC)
Task: {00FDB4ED-23DA-4A2B-9F4C-DA9F6415FE6C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1072968 2020-03-23] (McAfee, LLC -> McAfee, LLC)
Task: {F632A95B-5C4F-4B6D-855B-D29ACC6D9988} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761528 2020-03-29] (McAfee, LLC -> McAfee, LLC.)
Task: {3A09CCEE-C46A-4837-BF9E-45258553B6AB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BCFEE827-D008-44BB-ADBA-F355BF33D71B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {C54746D3-E1D8-4888-9D4B-9C6E198D6EBB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {AF010D7E-16FE-4B7B-94F0-B501B8F35CCF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221848 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {6ADD9AA8-3F8C-42D0-97EC-96428B739D26} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {CCE5C67E-B1FA-401C-A2C4-85EDE3F0D66D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {68722AE4-7FD1-47CF-9706-57EB14878FB0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {EBF1D940-ECEB-493A-B4E0-E176B4DC9459} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {42BF8062-1A40-41C1-A9B1-811EB85AE6DF} - System32\Tasks\S-1-5-21-4128794808-1625656583-1006771146-1001\DataSenseLiveTileTask => %SystemRoot%\System32\DataUsageLiveTileTask.exe (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}: [DhcpDomain] home
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}\65F6461666F6E65602237484A7: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f263260c-46aa-41b2-b475-fd5555131ee9}\65F6461666F6E65602237484A7: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2021-09-26] <==== ATTENTION
Edge Profile: C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-06]
Edge DownloadDir: Default -> C:\Users\Miloš Marčík\Downloads
Edge Extension: (Dokumenty Google offline) - C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Miloš Marčík\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2024-12-04] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-04-18] (McAfee, LLC -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-04-18] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7308072 2024-12-05] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776488 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2362664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1222952 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\130.0.27176.93\elevation_service.exe [1880632 2024-11-06] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-12-05] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
S2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [82792 2019-05-12] (Synaptics Incorporated -> Conexant Systems LLC.)
S2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1641416 2019-05-13] (Dolby Laboratories, Inc. -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-06-15] (HP Inc. -> HP Inc.)
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe [34256 2024-09-12] (Lenovo -> Lenovo)
S2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1643688 2019-05-06] (Lenovo -> Lenovo(beijing) Limited)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [926176 2024-12-04] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_3\McApExe.exe [765184 2020-04-24] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [460704 2019-08-14] (McAfee, LLC. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.5.127.0\McCSPServiceHost.exe [2687592 2020-04-10] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1161032 2022-07-14] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-02-20] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-02-20] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-02-20] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1738176 2020-03-24] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1371456 2020-04-01] (McAfee, LLC -> McAfee, LLC)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12779816 2024-12-06] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [234056 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [383040 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [296008 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [84552 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [28280 2024-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [28736 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274504 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [550984 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97864 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [69184 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [954944 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1424448 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203848 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381512 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [80696 2024-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 aswWireGuard; C:\WINDOWS\System32\drivers\aswWireguard.sys [174864 2024-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-04-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-04-12] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226496 2020-03-23] (McAfee, LLC -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [528824 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [381360 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86144 2020-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522168 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [999352 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595592 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108168 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116872 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-04-21] (McAfee, Inc. -> McAfee, LLC)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2023-06-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-06-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-15] (Microsoft Windows -> Microsoft Corporation)
R3 aswArDisk; no ImagePath
S3 MpKsl2d2c3b86; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S3 MpKsl350d24e4; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S3 MpKsla0ca24b2; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S3 MpKsle481038e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BBB66186-596A-47E1-86E0-05C6A13A7EE1}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-06 19:26 - 2024-12-06 19:27 - 000033113 _____ C:\Users\Miloš Marčík\Downloads\FRST.txt
2024-12-06 19:26 - 2024-12-06 19:27 - 000000000 ____D C:\FRST
2024-12-06 19:25 - 2024-12-06 19:26 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\FRST64.exe
2024-12-06 19:24 - 2024-12-06 19:24 - 000001640 _____ C:\Users\Miloš Marčík\Desktop\241206 ADW.txt
2024-12-06 19:19 - 2024-12-06 19:21 - 000000000 ____D C:\AdwCleaner
2024-12-06 19:19 - 2024-12-06 19:19 - 008790880 _____ (Malwarebytes) C:\Users\Miloš Marčík\Downloads\AdwCleaner.exe
2024-12-06 19:19 - 2024-12-06 19:19 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 696476.crdownload
2024-12-06 19:19 - 2024-12-06 19:19 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 487730.crdownload
2024-12-06 19:15 - 2024-12-06 19:15 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 433995.crdownload
2024-12-06 19:13 - 2024-12-06 19:13 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 491837.crdownload
2024-12-06 19:09 - 2024-12-06 19:09 - 000002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2024-12-06 19:09 - 2024-12-06 19:09 - 000002148 _____ C:\Users\Public\Desktop\Avast SecureLine VPN.lnk
2024-12-06 19:07 - 2024-12-06 19:07 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 847549.crdownload
2024-12-06 19:07 - 2024-12-06 19:07 - 000002145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2024-12-06 19:07 - 2024-12-06 19:07 - 000002133 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2024-12-06 19:06 - 2024-12-05 14:54 - 000315688 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
2024-12-06 19:00 - 2024-12-06 19:00 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 806923.crdownload
2024-12-06 19:00 - 2024-12-06 19:00 - 002402304 _____ (Farbar) C:\Users\Miloš Marčík\Downloads\Nepotvrzeno 733754.crdownload
2024-12-06 18:58 - 2024-12-06 18:58 - 000249072 _____ (Gen Digital Inc.) C:\Users\Miloš Marčík\Downloads\online_instalační_soubor_aplikace_avast_free_antivirus (1).exe
2024-12-06 15:16 - 2024-12-06 15:29 - 000000000 ____D C:\Users\Miloš Marčík\Desktop\Nová složka 127
2024-12-06 08:46 - 2024-12-06 08:46 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2024-12-06 08:46 - 2024-12-06 08:46 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2024-12-06 08:44 - 2024-12-06 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2024-12-05 14:56 - 2024-12-05 14:56 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2024-12-05 14:56 - 2024-12-05 14:56 - 000002496 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2024-12-05 14:56 - 2024-12-05 14:56 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Roaming\Avast Software
2024-12-05 14:55 - 2024-12-06 19:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-12-05 14:55 - 2024-12-05 14:57 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Local\AVAST Software
2024-12-05 14:55 - 2024-12-05 14:55 - 000003844 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2024-12-05 14:55 - 2024-12-05 14:55 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2024-12-05 14:55 - 2024-12-05 14:55 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2024-12-05 14:55 - 2024-12-05 14:55 - 000003260 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2024-12-05 14:55 - 2024-12-05 14:55 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2024-12-05 14:54 - 2024-12-06 19:09 - 000000000 ____D C:\ProgramData\Avast Software
2024-12-05 14:54 - 2024-12-06 19:09 - 000000000 ____D C:\Program Files\Avast Software
2024-12-05 14:54 - 2024-12-05 14:54 - 000050976 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2024-12-05 14:54 - 2024-12-05 14:54 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-12-05 14:53 - 2024-12-05 14:53 - 000249072 _____ (Gen Digital Inc.) C:\Users\Miloš
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-12-06 19:22 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-06 19:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-06 19:12 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-12-06 19:06 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-12-06 18:52 - 2023-04-12 17:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-06 18:17 - 2020-05-24 07:34 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Roaming\Microsoft\Excel
2024-12-06 18:17 - 2020-05-24 02:08 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Roaming\Microsoft\Word
2024-12-06 14:58 - 2020-03-08 07:16 - 000000000 ____D C:\ProgramData\Goodix
2024-12-06 08:46 - 2023-04-12 17:35 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-06 08:42 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-06 08:42 - 2020-10-18 16:13 - 000012516 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2024-12-06 08:42 - 2020-05-11 06:35 - 000000000 ___RD C:\Users\Miloš Marčík\OneDrive
2024-12-06 08:42 - 2020-03-08 07:14 - 000000000 ____D C:\WINDOWS\CxSvc
2024-12-06 08:41 - 2023-04-12 17:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-06 08:41 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-12-06 08:41 - 2021-02-20 22:27 - 000012288 ___SH C:\DumpStack.log.tmp
2024-12-06 08:41 - 2020-05-11 06:33 - 000000000 __SHD C:\Users\Miloš Marčík\IntelGraphicsProfiles
2024-12-06 08:41 - 2020-03-08 05:54 - 000000000 ___HD C:\Intel
2024-12-05 22:55 - 2022-05-07 06:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-12-05 14:58 - 2021-10-05 13:45 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Local\D3DSCache
2024-12-04 19:52 - 2023-04-12 17:25 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4128794808-1625656583-1006771146-1001
2024-12-04 19:52 - 2023-04-12 17:25 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4128794808-1625656583-1006771146-1001
2024-12-04 19:52 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-04 19:52 - 2021-02-20 22:27 - 000002413 _____ C:\Users\Miloš Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-03 18:47 - 2020-05-11 06:33 - 000000000 ____D C:\Users\Miloš Marčík\AppData\Local\Packages
2024-12-02 15:52 - 2024-10-04 10:52 - 000000000 ____D C:\Users\Miloš Marčík\Desktop\Přehledy Pražské vycházky a jiné - kopie
2024-12-01 22:07 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-11-24 17:21 - 2023-04-12 17:25 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 17:21 - 2023-04-12 17:25 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-21 11:08 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-06 19:58 - 2024-08-16 19:53 - 000000000 ____D C:\Users\Miloš Marčík\Desktop\Česko - francouzský slovník
==================== Files in the root of some directories ========
2022-02-02 14:07 - 2022-02-02 14:07 - 000000544 _____ () C:\Program Files (x86)\LMIR0C070001.tmp_r.bat
2022-02-02 14:34 - 2022-02-02 14:34 - 000000780 _____ () C:\Users\Miloš Marčík\AppData\Local\LMIR0C05D001.tmp.bat
2022-02-02 14:34 - 2022-02-02 14:34 - 000000577 _____ () C:\Users\Miloš Marčík\AppData\Local\LMIR0C05D001.tmp_r.bat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by Miloš Marčík (06-12-2024 19:30:30)
Running from C:\Users\Miloš Marčík\Downloads
Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) (2023-04-12 16:27:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-4128794808-1625656583-1006771146-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4128794808-1625656583-1006771146-503 - Limited - Disabled)
Guest (S-1-5-21-4128794808-1625656583-1006771146-501 - Limited - Disabled)
Miloš Marčík (S-1-5-21-4128794808-1625656583-1006771146-1001 - Administrator - Enabled) => C:\Users\Miloš Marčík
WDAGUtilityAccount (S-1-5-21-4128794808-1625656583-1006771146-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.11.9615.2285 - Gen Digital Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 130.0.27176.93 - Gen Digital Inc.)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.11.10832.13952 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
Intel(R) Chipset Device Software (HKLM\...\{351A0D24-F6F1-4105-AA50-5D2CCC71E0DD}) (Version: 10.1.18019.8144 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.24.0 - Lenovo Group Ltd.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R25 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.81 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.17726.20126 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\OneDriveSetup.exe) (Version: 24.221.1103.0003 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\f9a89bd2a46a7606) (Version: 17.0.4589.1 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20090 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Prohlížeč Seznam.cz (HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\...\Seznam Browser) (Version: 6.24.3 - Seznam.cz a.s.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.990 - McAfee, LLC)
Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-06-09] (INTEL CORP) [Startup Task]
Dolby Audio Speaker System -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudioSpeakerSystem_3.20402.409.0_x64__rz1tebttyb220 [2020-03-08] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-02] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_146.2.1055.0_x64__v10z8vjag6ke6 [2023-06-24] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2305.16.0_x64__k1h2ywk1493x8 [2023-06-11] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-06-30] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-04-27] (Microsoft Corp.)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-03-03] (Netflix, Inc.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.183.0_x64__dt26b99r8h8gj [2020-03-08] (Realtek Semiconductor Corp)
SmartAudio 3 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.39.0_x64__qt57b6kdvhcfw [2020-03-08] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-07-06] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4128794808-1625656583-1006771146-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Miloš Marčík\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.28402\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-12-05] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-4128794808-1625656583-1006771146-1001 -> DefaultScope {763C2C2F-AAF4-4EA3-89BC-94C7CDB394E8} URL =
SearchScopes: HKU\S-1-5-21-4128794808-1625656583-1006771146-1001 -> {763C2C2F-AAF4-4EA3-89BC-94C7CDB394E8} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-07-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-07-21] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-04-18] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-02-18 14:02 - 2022-02-23 17:17 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4128794808-1625656583-1006771146-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Miloš Marčík\Desktop\Adámkovy 4. narozeniny (19).JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Wireless-AC 9560 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{75268261-E71A-4C97-BA7C-DFAA6E4E8E47}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{570D99C6-0A67-4288-B510-866D49001A4C}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{341C5D69-4A3A-4C5C-8824-E96BAEB4A8D9}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [TCP Query User{ECECE607-E8EB-4377-BF88-5493B5CD460E}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [UDP Query User{61ECD7ED-9CA4-4B94-960D-7F8410D131FD}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [{8B8701C0-061C-488F-9C33-6F456F2AAB2D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A79D49F-3950-48BC-9B8E-1C1DA4815960}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{18B161C7-2800-4C53-8497-6195B8C506AD}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [UDP Query User{60151FF4-085B-46E8-9C07-72DB42AC0838}C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe] => (Block) C:\users\miloš marčík\appdata\roaming\seznam browser\seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
FirewallRules: [{993DF51E-07CD-41FF-B627-6E0AEC5B9E85}] => (Allow) C:\Users\Miloš Marčík\AppData\Local\Temp\7zS3A14\HP.EasyStart.exe => No File
FirewallRules: [{F809A6EF-0BC3-425C-BA7B-616AD6778C2A}] => (Allow) C:\Users\Miloš Marčík\AppData\Local\Temp\7zS0B3E\HP.EasyStart.exe => No File
FirewallRules: [{4E0492DD-06B0-4E7E-9AF6-9538673CB5D6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F88A0DCD-711A-4645-BFDD-4FB8C46D08F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6CD733E1-9E6D-4AC6-9F9C-3AAD6E920A03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3F38FD0-D7C0-424C-B801-BD9F396572D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3407.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39111FBD-5F1F-4BAF-B55A-0B365F0E83E0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.81\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8DDE01C-4B13-43BF-AB22-EE7EF2F85770}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA27E99F-C368-4DA8-A597-109828471182}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{15F2D261-A3C2-41D0-91F3-D34B3AFA02CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61ECFF09-BE8D-49B9-B41B-69E96D464C8C}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9218A57-26FB-4D7E-9423-0CD4751CE572}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EB514861-D89B-40E6-9356-31B21525CCA1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.402.3249.3850_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9FFC307D-8BDF-4691-82AB-785633EF5D28}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.402.3249.3850_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9EDA86F9-4402-48D8-A0F2-A91C6EB22DDA}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{F4A7CA55-7067-4B49-9623-85DF011FE4DA}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{24E16993-936E-484B-A300-3442BE19E106}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{03DC1104-A344-471F-9486-D857173C6CDE}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{0EA384AD-540C-49B6-95F7-ED5BBD8472B3}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
==================== Restore Points =========================
16-11-2024 19:08:49 Naplánovaný kontrolní bod
24-11-2024 18:03:16 Naplánovaný kontrolní bod
01-12-2024 18:18:38 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/06/2024 09:11:45 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 09:11:44 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 09:11:43 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 09:11:42 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:49 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:48 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:47 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
Error: (12/06/2024 08:42:46 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_OFF došlo k chybě.
System errors:
=============
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CxUIUSvc Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast SecureLine VPN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (12/06/2024 07:21:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Graphics Command Center Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2024-12-05 11:50:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1854624C-7831-4BB2-A8F5-9C53EC77B1FB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-03 10:28:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A432EECD-A9A7-4FBE-A418-960E11B789B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-02 12:40:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8495F183-58A7-40E0-AAD7-6F0FCEEF280C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-30 10:43:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A75F289B-7209-4D7F-8551-F6081E673461}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-29 10:34:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB615DE2-8930-4427-AB47-772CEAB70305}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-04-27 09:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1159.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2024-12-06 19:07:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO CNCN20WW 12/30/2021
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 66%
Total physical RAM: 8020.48 MB
Available physical RAM: 2656.13 MB
Total Virtual: 9620.48 MB
Available Virtual: 3993.34 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:345.9 GB) (Model: Micron MTFDHBA512TCK) NTFS
Drive e: (Elements) (Fixed) (Total:931.48 GB) (Free:356.84 GB) (Model: WD Elements 2621 USB Device) NTFS
\\?\Volume{d378f993-32f2-4c52-837b-6575331c0905}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.14 GB) NTFS
\\?\Volume{7e2f136c-7150-4eef-8b77-61717a26edbc}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: EF51F02D)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==================== End of Addition.txt =======================
