Log check - pluginsd.js error (Solved)


Re: Log check - pluginsd.js error

Post by jaro3 » 08 Apr 2022 16:59

AV: Symantec Endpoint Protection (Enabled - Up to date)
FW: Symantec Endpoint Protection (Enabled)
I wrote to turn off the antivirus.. and the firewall too..


Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-02-14] (Adobe Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0F1A12B3-6D23-40B2-B2DD-C347CD85314A} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {22204366-8591-40F2-9F1E-5E1277421EF0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {64975F98-18DA-4BEF-9F2D-EBB123C10B60} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2326126467-407937288-474921760-6476 => C:\Users\U50457\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {6DCB50AC-6925-4E1E-84C9-9AD670B2655A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {7AEDD8A1-8F3D-4EAC-9D02-48610472338D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {8B0B41E5-2F22-421C-B561-65E04D1666B4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {A6647466-A512-495E-9498-B262A52A20A8} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2326126467-407937288-474921760-6476 => C:\Users\U50457\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {ACC9F884-A1E5-428A-A75F-A5042C047F0C} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js (No File)
Task: {BEBF62D4-6903-4A94-B000-F3EDD1D8328E} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {CEE69677-9C22-49D4-BF28-7AA25A2898A5} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js (No File)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe => No File
ShellIconOverlayIdentifiers: [  MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [  MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [  MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [  MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [  MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [  MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_S-1-5-21-2326126467-407937288-474921760-20846: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => -> No File
FirewallRules: [{1DE620B9-D596-49D2-BEA8-646FA18C784C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{235CE627-5429-4F2A-B86D-AD6562078234}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File

EmptyTemp:
End

(You can use the "select all" function, then right-click in the top-left area of the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.


Does this mean anything to you:
C:\Users\U50457\AppData\Local\CPAUTO.tmp.c8tgpm
C:\Users\U50457\AppData\Local\CPAUTO.tmp.cbngsx
C:\Users\U50457\AppData\Local\CPAUTO.tmp.dkvc8z
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kiuin6
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kn4y2p
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v3pyrn
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v72knj
?

Then write whether the message has disappeared.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
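
Added example, not part of the original posts and not FRST's own code: a small parser for the `Task:` lines of an FRST log that lists scheduled tasks whose target is a script file marked `(No File)`, and reports which fixlist task entries still appear in a later scan. The sample lines are copied from the logs on this page; the function and variable names are illustrative assumptions.

```python
import re
from typing import List, NamedTuple

# "Task: {GUID} - <task path> => <command line> [FRST annotations]"
TASK_LINE = re.compile(
    r"^Task: \{(?P<guid>[0-9A-Fa-f-]{36})\} - (?P<name>.+?) => (?P<action>.+)$"
)
# Trailer FRST appends when the target exists: "[size date] (signer -> company)"
FILE_INFO = re.compile(r"\s*\[\d+ \d{4}-\d{2}-\d{2}\] \(.*\)$")
# File types that Windows Script Host runs when a task launches them directly
SCRIPT_EXT = re.compile(r'\.(?:js|jse|vbs|vbe|wsf)(?=[\s"]|$)', re.IGNORECASE)
NO_FILE = "(No File)"


class Task(NamedTuple):
    guid: str
    name: str
    action: str    # command line with the FRST annotations stripped
    missing: bool  # FRST marked the target "(No File)"
    script: bool   # the command line references a script-host file


def parse_tasks(log_text: str) -> List[Task]:
    """Extract every 'Task:' entry from an FRST log or fixlist."""
    tasks = []
    for line in log_text.splitlines():
        m = TASK_LINE.match(line.strip())
        if not m:
            continue
        action = m["action"]
        missing = action.endswith(NO_FILE)
        if missing:
            action = action[: -len(NO_FILE)].rstrip()
        action = FILE_INFO.sub("", action)
        tasks.append(Task(m["guid"].upper(), m["name"], action, missing,
                          bool(SCRIPT_EXT.search(action))))
    return tasks


def orphaned_script_tasks(tasks: List[Task]) -> List[Task]:
    """Tasks that try to launch a script file that is no longer on disk."""
    return [t for t in tasks if t.missing and t.script]


def still_present(fixlist_text: str, later_scan_text: str) -> List[Task]:
    """Fixlist task entries whose GUID still shows up in a later scan."""
    later = {t.guid for t in parse_tasks(later_scan_text)}
    return [t for t in parse_tasks(fixlist_text) if t.guid in later]


# Excerpt of the first fixlist on this page (lines copied from the post).
FIXLIST = r"""
Task: {ACC9F884-A1E5-428A-A75F-A5042C047F0C} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js (No File)
Task: {BEBF62D4-6903-4A94-B000-F3EDD1D8328E} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {CEE69677-9C22-49D4-BF28-7AA25A2898A5} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js (No File)
"""

# Excerpt of the 12-04-2022 scan on this page (lines copied from the log).
LATER_SCAN = r"""
Task: {0BB0F756-A8BF-4D21-8F43-179414D45801} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {586178B8-BBD7-4292-933E-78670E05B477} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {ACC9F884-A1E5-428A-A75F-A5042C047F0C} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js (No File)
Task: {BEBF62D4-6903-4A94-B000-F3EDD1D8328E} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {CEE69677-9C22-49D4-BF28-7AA25A2898A5} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js (No File)
"""

if __name__ == "__main__":
    print("Tasks pointing at a missing script file:")
    for t in orphaned_script_tasks(parse_tasks(LATER_SCAN)):
        print(f"  {t.name} -> {t.action}")
    print("Fixlist tasks still listed in the later scan:")
    for t in still_present(FIXLIST, LATER_SCAN):
        print(f"  {t.guid} {t.name}")
```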

Re: Log check - pluginsd.js error

Post by nohic » 09 Apr 2022 08:22

I did turn Symantec off, but I don't know how it is set up in our system, how the network administrators have it configured. Who knows how; they can't even advise me on the problem we are dealing with here, for which I am really glad, and thank you for it.

I'll try it on Monday and let you know. Just for info, the error message used to pop up twice in a row... now only one dialog window with the error pops up.

As for the tmp files, they don't mean anything to me. It will be some junk.

Re: Log check - pluginsd.js error

Post by jaro3 » 09 Apr 2022 15:09

Ok.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
C:\Users\U50457\AppData\Local\CPAUTO.tmp.c8tgpm
C:\Users\U50457\AppData\Local\CPAUTO.tmp.cbngsx
C:\Users\U50457\AppData\Local\CPAUTO.tmp.dkvc8z
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kiuin6
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kn4y2p
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v3pyrn
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v72knj
EmptyTemp:
End

(You can use the "select all" function, then right-click in the top-left area of the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

I may have overlooked one task, so one more FRST scan will be needed afterwards. Only after that.

Re: Log check - pluginsd.js error

Post by nohic » 11 Apr 2022 06:03

Fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2022
Ran by U50457 (11-04-2022 05:53:33) Run:1
Running from C:\Users\U50457\Desktop
Loaded Profiles: U50457 & OEM
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
C:\Users\U50457\AppData\Local\CPAUTO.tmp.c8tgpm
C:\Users\U50457\AppData\Local\CPAUTO.tmp.cbngsx
C:\Users\U50457\AppData\Local\CPAUTO.tmp.dkvc8z
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kiuin6
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kn4y2p
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v3pyrn
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v72knj
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Users\U50457\AppData\Local\CPAUTO.tmp.c8tgpm => moved successfully
C:\Users\U50457\AppData\Local\CPAUTO.tmp.cbngsx => moved successfully
C:\Users\U50457\AppData\Local\CPAUTO.tmp.dkvc8z => moved successfully
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kiuin6 => moved successfully
C:\Users\U50457\AppData\Local\CPAUTO.tmp.kn4y2p => moved successfully
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v3pyrn => moved successfully
C:\Users\U50457\AppData\Local\CPAUTO.tmp.v72knj => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11626729 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 76457424 B
Edge => 0 B
Firefox => 808866263 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 9216 B
ProgramData => 9216 B
Public => 9216 B
systemprofile => 9216 B
systemprofile32 => 9216 B
LocalService => 14400 B
NetworkService => 14400 B
a66096 => 14400 B
U50457 => 28996374 B
a10916 => 28996374 B
A51743 => 28996374 B
OEM => 29010956 B

RecycleBin => 0 B
EmptyTemp: => 966.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 05:53:59 ====


The error appeared after the restart...

Re: Log check - pluginsd.js error

Post by jaro3 » 11 Apr 2022 16:54

Run FRST again, both logs.

Is it the same error? Post the picture of the error here once more.

Re: Log check - pluginsd.js error

Post by nohic » 12 Apr 2022 05:39

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-04-2022 03
Ran by U50457 (administrator) on W-SAS-2017082 (LENOVO 20HAS0B200) (12-04-2022 05:36:38)
Running from C:\Users\U50457\Desktop
Loaded Profiles: U50457
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1620 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Notes\nlnotes.exe ->) (International Business Machines Corporation -> IBM Corp) C:\Notes\ntaskldr.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(DeviceSettingsHeartbeatAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoSecurityAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(SmartInteractAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(International Business Machines -> IBM) C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\notes2.exe
(International Business Machines Corporation -> IBM Corp) C:\Notes\nlnotes.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(rmc.exe ->) (MagikINFO s.r.o. -> MagikINFO s.r.o.) C:\Program Files\PCService\winmgr.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Broadcom Inc -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\sepWscSvc64.exe
(services.exe ->) (GlavSoft LLC -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe <2>
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Identity Agent\MADService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (International Business Machines Corporation -> IBM) C:\Notes\nsd.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (MagikINFO s.r.o. -> ) C:\Windows\System32\rmc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe <2>
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\ccSvcHst.exe
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\Common Agent Framework\CAFServiceMain.exe
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\IDS\bin\SISIDSService.exe
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\IPS\bin\SISIPSService.exe
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\IPS\bin\sisipsutil.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1725408 2017-03-14] (GlavSoft LLC -> GlavSoft LLC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-02-14] (Adobe Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-02-14] (Adobe Inc. -> )
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1592440 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [MicrosoftEdgeAutoLaunch_0FA2AAF1B1FBAB38F04D00347C40E9AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540384 2022-04-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.dll [92680 2016-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Windows x64\Print Processors\OKX055PP: C:\Windows\System32\spool\prtprocs\x64\OKX055PP.DLL [52224 2015-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Windows x64\Print Processors\OPATPP3: C:\Windows\System32\spool\prtprocs\x64\OPATPP3.DLL [41984 2013-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [25608 2016-02-11] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\C4050iSeriesPCL Language Monitor: C:\WINDOWS\system32\KOAXNJ_L.dll [34328 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\Oki Common XP64 Language Monitor: C:\WINDOWS\system32\OKLMON64.DLL [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\WINDOWS\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BB0F756-A8BF-4D21-8F43-179414D45801} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {0F1A12B3-6D23-40B2-B2DD-C347CD85314A} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {0FB7E9E5-6AB6-489C-8477-6EBC3E86FB4B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {1591E91C-395A-4C98-9895-38E0C8442981} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {20941E6C-0A23-4B67-BC98-97F37C8F8439} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {22204366-8591-40F2-9F1E-5E1277421EF0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {25A557DA-10C5-4967-AD4B-BBAC0A4B1D03} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {2B2DAEE0-8ACB-4F3C-BD7C-161725B742BD} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\SymErr.exe [91048 2022-01-21] (Symantec Corporation -> Broadcom)
Task: {52DD7655-B0EB-40E7-A491-A7EF53E81C9A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111512 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {586178B8-BBD7-4292-933E-78670E05B477} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {5D4F8AD9-035C-4B13-8131-A9C232AB035A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {5F1581C5-ADE2-45AB-B178-F82B14B08F4E} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\SymErr.exe [91048 2022-01-21] (Symantec Corporation -> Broadcom)
Task: {64975F98-18DA-4BEF-9F2D-EBB123C10B60} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2326126467-407937288-474921760-6476 => C:\Users\U50457\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {6B591284-C384-4493-96D7-60D4840F9D39} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6DCB50AC-6925-4E1E-84C9-9AD670B2655A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {6E1E4B72-0F44-4F8D-BE71-E68172E577C5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {76583926-0678-423E-9191-89585AB66863} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AEDD8A1-8F3D-4EAC-9D02-48610472338D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {87E97DFE-3A24-431B-BCC4-33CA474C1488} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [63936 2021-12-03] (Lenovo -> )
Task: {8AB1B812-0022-48E3-9848-5AD6817570D5} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Autofix => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\SymErr.exe [91048 2022-01-21] (Symantec Corporation -> Broadcom)
Task: {8B0B41E5-2F22-421C-B561-65E04D1666B4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {917017BA-C9A6-45CF-8693-32386DA5A26F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F4DD0B8-AD7D-4087-9CE4-BE61E5C81901} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {A6647466-A512-495E-9498-B262A52A20A8} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2326126467-407937288-474921760-6476 => C:\Users\U50457\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {AAD434FA-3E9A-416E-AA48-6511AA0B1EE3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {ACC9F884-A1E5-428A-A75F-A5042C047F0C} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js (No File)
Task: {B0A0DB4C-4785-4F0C-9970-5C780A1FB29B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {B50D20FC-F4FA-4390-8478-755219F39CBA} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {BB95D785-9FB3-4BE1-910F-189CF7FD1A66} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111512 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEBF62D4-6903-4A94-B000-F3EDD1D8328E} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {BFD69B42-E164-47E4-B950-6792085030BA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {CEE69677-9C22-49D4-BF28-7AA25A2898A5} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js (No File)
Task: {D24AFE09-E2EF-4CA1-9B28-D50D24BF3E5B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {D9F335B2-255A-4598-A900-1B0F195DEDB0} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {EBEE2B85-81A3-41D0-85BE-23ADA22F80CC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {F72CC75A-A945-4FA2-8B94-A3A1FC968B53} - System32\Tasks\CCleanerSkipUAC - U50457 => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
Tcpip\..\Interfaces\{5d47e6f9-bbab-4d6b-8fb8-231c4eefb5c5}: [DhcpNameServer] 78.157.167.7 78.157.167.57
Tcpip\..\Interfaces\{f4e53463-c8e3-4f88-92e1-c2669401e0c7}: [NameServer] 172.25.11.240,172.25.11.241
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\U50457\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\U50457\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-04-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\U50457\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-11]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: avl24k64.default-1648801245445
FF ProfilePath: C:\Users\U50457\AppData\Roaming\Mozilla\Firefox\Profiles\avl24k64.default-1648801245445 [2022-04-12]
FF NewTab: Mozilla\Firefox\Profiles\avl24k64.default-1648801245445 -> about:newtab
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
R2 heCAF; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\Common Agent Framework\CAFServiceMain.exe [3341544 2022-01-21] (Symantec Corporation -> Broadcom)
R2 IBM Notes Diagnostics; c:\Notes\nsd.exe [5167680 2018-04-26] (International Business Machines Corporation -> IBM)
S4 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [575216 2018-02-23] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [306928 2018-02-23] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-12-21] (Intel(R) Software Asset Manager -> Intel Corporation)
S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [395000 2018-03-01] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe [28928 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
S4 LNSUSvc; c:\Notes\SUService.exe [1654376 2013-10-15] (International Business Machines Corporation -> IBM Corp)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
R2 MADService; C:\Program Files (x86)\CheckPoint\Identity Agent\MADService.exe [2056920 2021-06-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-04] (Malwarebytes Inc -> Malwarebytes)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14419440 2022-03-07] (ADLICE -> )
R2 RmcSvc; C:\WINDOWS\System32\rmc.exe [200288 2020-01-01] (MagikINFO s.r.o. -> )
R2 RmcSvc; C:\WINDOWS\SysWOW64\rmc.exe [200288 2020-01-01] (MagikINFO s.r.o. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254864 2022-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SepLpsService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe [156584 2022-01-21] (Symantec Corporation -> Broadcom)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe [156584 2022-01-21] (Symantec Corporation -> Broadcom)
R2 SepScanService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\bin64\ccSvcHst.exe [191912 2022-01-21] (Symantec Corporation -> Broadcom)
R2 sepWscSvc; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\sepWscSvc64.exe [1369512 2022-01-21] (Broadcom Inc -> Broadcom)
R2 SISIDSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\IDS\bin\SISIDSService.exe [7696392 2022-01-21] (Symantec Corporation -> Broadcom)
R2 SISIPSService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\IPS\bin\SISIPSService.exe [96776 2022-01-21] (Symantec Corporation -> Broadcom)
R2 SISIPSUtil; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\SAEP\IPS\bin\SISIPSUtil.exe [260104 2022-01-21] (Symantec Corporation -> Broadcom)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\snac64.exe [215320 2022-01-21] (Symantec Corporation -> Broadcom)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3298208 2017-10-11] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [254112 2022-02-16] (Intel Corporation -> Intel Corporation)
S4 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\TPHKLOAD.exe [465192 2021-03-30] (Lenovo -> Lenovo Group Limited)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1725408 2017-03-14] (GlavSoft LLC -> GlavSoft LLC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S4 Lenovo Instant On; "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleIPod; C:\WINDOWS\System32\drivers\AppleIPod.sys [30096 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\Definitions\BASHDefs\20220407.011\BHDrvx64.sys [2018776 2021-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSettings_{C6B0F072-7178-4655-8ABE-C08EAB73DD16}; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\ccSetx64.sys [192320 2021-04-08] (Symantec Corporation -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2022-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2022-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\Definitions\IPSDefs\20220411.071\IDSvia64.sys [1480144 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
S3 IMFEFSFileControl; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2019-08-13] (IObit Information Technology -> IObit)
S3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-04] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [51256 2018-03-01] (Intel(R) Online Connect Access -> Intel Corporation)
R1 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
S3 SISIDSRegDrv; C:\WINDOWS\System32\Drivers\SISIDSRegDrv.sys [52192 2022-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SISIPSDeviceFilter; C:\WINDOWS\System32\Drivers\SISIPSDeviceFilter.sys [50664 2022-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SISIPSDriver; C:\WINDOWS\System32\Drivers\SISIPSDriver.sys [369120 2022-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SISIPSFileFilter; C:\WINDOWS\System32\Drivers\SISIPSFileFilter.sys [88032 2022-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SISIPSNetFilter; C:\WINDOWS\System32\Drivers\SISIPSNetFilter.sys [66040 2022-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSP; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\SymPlatform\SRTSP64.SYS [941024 2022-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\SRTSPX64.SYS [42448 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SyDvCtrl; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\sydvctrl64.sys [37368 2022-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\symefasi\0704020.03D\symefasi64.sys [2048976 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\SymELAM.sys [25608 2022-01-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [93120 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SymEvnt; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\SymPlatform\SymEvnt.sys [623192 2022-01-21] (Symantec Corporation -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\Ironx64.SYS [312280 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SYMNETS; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\symnets.sys [574320 2020-11-03] (Symantec Corporation -> Broadcom)
R1 SysPlant; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\sysplant.sys [263216 2022-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 Teefer2; C:\WINDOWS\system32\DRIVERS\Teefer.sys [113104 2022-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2022-04-11] (Adlice -> )
S3 vna_ap; C:\WINDOWS\system32\DRIVERS\vnaap.sys [178920 2017-02-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 vncmirror; C:\WINDOWS\System32\drivers\vncmirror.sys [4608 2008-10-14] (Microsoft Windows Hardware Compatibility Publisher -> RealVNC Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
U1 aswbdisk; no ImagePath
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-12 05:36 - 2022-04-12 05:37 - 000036087 _____ C:\Users\U50457\Desktop\FRST.txt
2022-04-12 05:36 - 2022-04-12 05:36 - 002365952 _____ (Farbar) C:\Users\U50457\Desktop\FRST64.exe
2022-04-12 05:36 - 2022-04-12 05:36 - 000000000 ____D C:\Users\U50457\Desktop\FRST-OlderVersion
2022-04-11 11:57 - 2022-04-11 11:57 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-11 11:57 - 2022-04-11 11:57 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2022-04-11 11:57 - 2022-04-11 11:57 - 000000000 ___HD C:\OneDriveTemp
2022-04-11 11:57 - 2022-04-11 11:57 - 000000000 ____D C:\Users\U50457\AppData\Roaming\smkits
2022-04-08 05:49 - 2022-04-12 05:36 - 000000000 ____D C:\FRST
2022-04-07 05:44 - 2022-04-11 17:44 - 000000000 ____D C:\Program Files\CCleaner
2022-04-07 05:44 - 2022-04-11 05:44 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-07 05:44 - 2022-04-07 05:44 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - U50457
2022-04-07 05:44 - 2022-04-07 05:44 - 000000872 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-04-07 05:44 - 2022-04-07 05:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-04-06 13:54 - 2022-04-11 05:53 - 000000000 ____D C:\Users\U50457\AppData\LocalLow\Temp
2022-04-06 09:40 - 2022-04-06 09:40 - 000001639 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docházka.lnk
2022-04-06 09:40 - 2022-04-06 09:40 - 000001633 _____ C:\Users\Public\Desktop\Docházka.lnk
2022-04-06 08:06 - 2022-04-06 08:06 - 000000000 ____D C:\Users\U50457\AppData\Local\PeerDistRepub
2022-04-06 08:04 - 2022-04-06 09:27 - 001366562 _____ C:\WINDOWS\ZAM.krnl.trace
2022-04-06 08:03 - 2022-04-06 09:27 - 000000000 ____D C:\Users\U50457\AppData\Local\AMSDK
2022-04-06 08:01 - 2022-04-06 08:01 - 000055511 __RSH C:\ProgramData\ntuser.pol
2022-04-06 08:01 - 2022-04-06 08:01 - 000000000 ____D C:\Program Files\Delfin
2022-04-06 07:24 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2022-04-06 05:32 - 2022-04-06 08:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-05 09:33 - 2022-04-12 05:36 - 000000000 ____D C:\Users\U50457\Desktop\malware
2022-04-05 08:50 - 2022-04-05 09:26 - 000000000 ____D C:\ProgramData\RogueKiller
2022-04-05 08:50 - 2022-04-05 08:50 - 000000912 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2022-04-05 08:50 - 2022-04-05 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2022-04-05 08:50 - 2022-04-05 08:50 - 000000000 ____D C:\Program Files\RogueKiller
2022-04-05 06:20 - 2022-04-05 06:20 - 000002841 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2022-04-05 06:20 - 2022-04-05 06:20 - 000000000 ____D C:\ProgramData\Sophos
2022-04-05 06:20 - 2022-04-05 06:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2022-04-05 06:20 - 2022-04-05 06:20 - 000000000 ____D C:\Program Files (x86)\Sophos
2022-04-04 11:01 - 2022-04-04 11:01 - 000000000 ____D C:\Users\U50457\AppData\Local\Comms
2022-04-04 05:55 - 2022-04-04 05:55 - 000000000 ____D C:\Users\U50457\AppData\Local\CEF
2022-04-04 05:46 - 2022-04-04 05:46 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-04 05:46 - 2022-04-04 05:46 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-04 05:46 - 2022-04-04 05:46 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-04 05:46 - 2022-04-04 05:46 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-04 05:46 - 2022-04-04 05:46 - 000002036 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-04-04 05:46 - 2022-04-04 05:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-04 05:46 - 2022-04-04 05:46 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-04 05:40 - 2022-04-04 05:55 - 000000000 ____D C:\Users\U50457\AppData\Local\Adobe
2022-04-04 05:30 - 2022-04-04 05:30 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-04 05:30 - 2022-04-04 05:30 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-04 05:30 - 2022-04-04 05:30 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-04-01 10:20 - 2022-04-06 08:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-01 10:20 - 2022-04-06 05:46 - 000001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-01 10:20 - 2022-04-06 05:46 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-01 10:20 - 2022-04-01 10:20 - 000000000 ____D C:\Users\U50457\AppData\Local\Mozilla
2022-04-01 05:42 - 2022-04-01 05:43 - 000000000 ____D C:\AdwCleaner
2022-03-31 13:25 - 2022-04-11 05:49 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-31 12:32 - 2022-03-31 12:33 - 015473560 _____ C:\WINDOWS\system32\RsEyeContactCorrection_Assets.dll
2022-03-31 12:32 - 2022-03-31 12:32 - 017868712 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-03-31 12:32 - 2022-03-31 12:32 - 012131224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-03-31 12:27 - 2022-03-31 12:27 - 050126160 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2022-03-31 12:27 - 2022-03-31 12:27 - 006601312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2022-03-31 12:26 - 2022-03-31 12:26 - 008903232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw06.sys
2022-03-31 12:26 - 2022-03-31 12:26 - 001529416 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter06.dll
2022-03-31 12:24 - 2022-03-31 12:24 - 009906728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2022-03-31 12:24 - 2022-03-31 12:24 - 000786488 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000815088 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000714184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000430536 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000345544 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo50-11.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000275912 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000058312 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000048112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000047088 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2022-03-31 10:06 - 2022-03-31 10:06 - 000000000 ____D C:\Users\U50457\AppData\Local\Tvsukernel
2022-03-31 10:04 - 2022-03-31 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2022-03-31 09:47 - 2022-02-22 01:45 - 000495912 _____ C:\WINDOWS\system32\libvpl.dll
2022-03-31 09:47 - 2022-02-22 01:45 - 000429656 _____ C:\WINDOWS\SysWOW64\libvpl.dll
2022-03-31 09:47 - 2022-02-22 01:44 - 000046488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 001886912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001886912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001463904 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001463904 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001115672 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 001115672 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000969240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000969240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000508792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000459088 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000376160 _____ C:\WINDOWS\system32\ze_loader.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000371592 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000148304 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000049152 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-03-31 09:47 - 2022-02-22 01:42 - 000410560 _____ C:\WINDOWS\system32\ControlLib.dll
2022-03-31 09:47 - 2022-02-22 01:42 - 000294752 _____ C:\WINDOWS\system32\igfxCPL.cpl
2022-03-31 09:38 - 2022-03-31 09:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-03-31 09:37 - 2022-03-31 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software
2022-03-31 09:22 - 2022-03-31 09:22 - 000000000 ____D C:\FibocomLog
2022-03-31 08:56 - 2022-03-31 08:56 - 000000000 ____D C:\Users\U50457\AppData\Local\ElevatedDiagnostics
2022-03-30 05:52 - 2022-03-30 05:52 - 000000000 ____D C:\Users\U50457\AppData\Roaming\QtProject
2022-03-30 05:51 - 2022-03-30 05:52 - 000000000 ____D C:\Program Files (x86)\MiniToolPowerDataRecovery
2022-03-29 12:42 - 2022-03-29 12:42 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-03-29 12:30 - 2022-03-29 12:51 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-29 10:12 - 2022-03-29 10:12 - 000023160 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LHidEqd.sys
2022-03-28 13:40 - 2022-03-28 13:40 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-03-28 13:40 - 2022-03-28 13:40 - 000000000 ____D C:\Users\U50457\AppData\Roaming\vlc
2022-03-28 13:40 - 2022-03-28 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-03-28 09:46 - 2022-03-28 09:46 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2326126467-407937288-474921760-6476
2022-03-28 09:45 - 2022-03-28 09:45 - 000000000 ____D C:\WINDOWS\Panther
2022-03-27 21:17 - 2022-03-27 21:17 - 000906216 _____ (Lenovo) C:\WINDOWS\system32\LPlatSvc.exe
2022-03-27 21:17 - 2022-03-27 21:17 - 000871912 _____ (Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe
2022-03-27 21:17 - 2022-03-27 21:17 - 000050664 _____ (Lenovo) C:\WINDOWS\system32\Drivers\ibmpmdrv.sys
2022-03-27 21:17 - 2022-03-27 21:17 - 000038888 _____ (Lenovo) C:\WINDOWS\system32\Drivers\pmdrvs.sys
2022-03-25 13:52 - 2022-03-28 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2022-03-24 07:03 - 2022-03-24 07:03 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-03-24 07:03 - 2022-03-24 07:03 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-03-24 07:03 - 2022-03-24 07:03 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-03-24 07:03 - 2022-03-24 07:03 - 000011791 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-24 06:54 - 2022-03-24 06:54 - 000000000 ___HD C:\$WinREAgent
2022-03-22 06:57 - 2022-03-23 06:38 - 000000000 ____D C:\Users\U50457\AppData\Roaming\GlarySoft
2022-03-22 06:57 - 2022-03-22 06:57 - 000000000 ____D C:\ProgramData\Glarysoft

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-12 05:35 - 2022-01-18 12:32 - 000000000 ____D C:\Users\U50457\AppData\LocalLow\Mozilla
2022-04-12 05:32 - 2022-02-09 06:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-12 05:31 - 2020-09-27 07:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-12 05:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-12 04:37 - 2017-09-29 23:15 - 000000680 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-04-12 04:03 - 2017-10-04 13:39 - 000000000 ____D C:\PCScan
2022-04-12 03:59 - 2017-09-29 07:50 - 000000000 ___HD C:\Program Files\PCService
2022-04-11 12:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-11 12:02 - 2020-10-26 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Symantec Endpoint Protection
2022-04-11 12:01 - 2020-10-26 14:29 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-11 12:01 - 2019-12-07 16:43 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-11 12:01 - 2019-12-07 16:43 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-11 11:57 - 2017-09-29 07:51 - 000000000 ___RD C:\Users\U50457\OneDrive
2022-04-11 11:57 - 2017-09-29 07:50 - 000000000 __SHD C:\Users\U50457\IntelGraphicsProfiles
2022-04-11 11:56 - 2020-09-27 09:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-11 11:56 - 2020-07-20 15:38 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-11 11:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-11 11:56 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-04-11 11:56 - 2017-08-30 03:54 - 000000000 ___HD C:\Intel
2022-04-11 11:55 - 2021-02-22 07:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-11 07:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-11 07:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-11 05:43 - 2022-02-15 07:53 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-11 05:43 - 2022-02-15 07:53 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ab93be33686a
2022-04-08 05:57 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-04-08 05:47 - 2017-09-29 08:32 - 000000000 ____D C:\Users\U50457\AppData\Local\CrashDumps
2022-04-07 06:16 - 2020-09-27 07:55 - 000453800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-07 06:14 - 2017-11-02 11:20 - 000000000 ____D C:\Users\U50457\AppData\Roaming\Apple Computer
2022-04-07 06:13 - 2017-10-02 07:17 - 000000000 ____D C:\ProgramData\Autodesk
2022-04-06 09:40 - 2017-09-29 07:58 - 000000000 ____D C:\Dochazka_Start
2022-04-06 09:04 - 2017-10-02 08:00 - 000000000 ____D C:\Users\U50457\Desktop\Uzávěrka
2022-04-06 07:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-04-06 07:17 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-04-06 06:12 - 2017-08-30 03:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-05 09:38 - 2019-10-03 13:34 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-04-05 09:36 - 2018-05-02 06:09 - 000000000 ____D C:\Users\U50457\AppData\Local\Lenovo
2022-04-04 05:59 - 2017-10-18 12:25 - 000000000 ____D C:\Users\U50457\AppData\Local\Packages
2022-04-04 05:46 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-01 10:35 - 2018-05-02 10:23 - 000000000 ____D C:\Users\U50457\AppData\Local\D3DSCache
2022-04-01 10:22 - 2018-04-12 09:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-01 06:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-04-01 05:43 - 2020-10-26 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-04-01 05:43 - 2020-07-20 14:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2022-04-01 05:43 - 2020-07-20 14:25 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2022-04-01 05:43 - 2020-07-20 14:25 - 000000000 ____D C:\WINDOWS\Lenovo
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\Users\U50457\AppData\Roaming\IObit
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\Users\U50457\AppData\LocalLow\IObit
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\ProgramData\IObit
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\Program Files (x86)\IObit
2022-04-01 05:43 - 2017-08-30 04:26 - 000000000 ____D C:\ProgramData\Lenovo
2022-04-01 05:43 - 2017-08-30 03:37 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-04-01 05:43 - 2017-08-30 03:36 - 000000000 ____D C:\Program Files\Lenovo
2022-03-31 13:13 - 2017-09-29 08:32 - 000000000 ____D C:\Users\U50457\AppData\Local\MicrosoftEdge
2022-03-31 12:22 - 2017-08-30 04:00 - 000048112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2022-03-31 10:06 - 2020-03-24 06:42 - 000000000 ____D C:\WINDOWS\TempInst
2022-03-31 10:04 - 2020-10-26 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2022-03-31 09:54 - 2022-01-19 14:13 - 000004374 _____ C:\WINDOWS\storelibdebug.txt
2022-03-31 09:47 - 2017-09-29 07:50 - 000000000 ____D C:\Users\U50457\AppData\Roaming\Intel
2022-03-31 09:38 - 2018-08-31 11:06 - 000004144 _____ C:\WINDOWS\system32\tbt_log.txt
2022-03-31 09:37 - 2017-08-30 03:36 - 000000000 ____D C:\Program Files (x86)\Intel
2022-03-31 09:32 - 2017-10-02 08:01 - 000014223 _____ C:\Users\U50457\Desktop\Kniha jízd.xlsx
2022-03-31 09:14 - 2017-09-29 07:50 - 000000000 ____D C:\Users\U50457\AppData\Local\VirtualStore
2022-03-30 10:24 - 2018-05-02 08:19 - 000000000 ____D C:\Users\U50457\AppData\Local\PlaceholderTileLogoFolder
2022-03-29 10:16 - 2017-08-30 03:37 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-29 10:13 - 2022-02-16 14:11 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2022-03-29 10:06 - 2020-10-26 14:24 - 000000000 ____D C:\Users\U50457
2022-03-28 13:17 - 2018-07-03 17:27 - 000000000 ____D C:\ProgramData\VEGAS
2022-03-28 09:46 - 2022-02-16 09:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2326126467-407937288-474921760-6476
2022-03-28 09:45 - 2020-09-27 09:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-03-28 09:45 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-25 07:10 - 2018-05-02 06:09 - 000000000 ____D C:\Users\OEM\AppData\Local\Lenovo
2022-03-24 07:10 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-24 07:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-23 21:13 - 2021-06-11 12:35 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2021-06-11 12:35 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 06:34 - 2019-08-12 11:41 - 000000741 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

==================== Files in the root of some directories ========

2018-05-03 12:59 - 2020-01-07 12:45 - 000004608 _____ () C:\Users\U50457\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-04-07 06:28 - 2022-04-07 06:28 - 000000000 _____ () C:\Users\U50457\AppData\Local\oobelibMkey.log
2022-02-17 07:45 - 2022-02-17 07:45 - 000007625 _____ () C:\Users\U50457\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

nohic
newbie
Posts: 25
Registered: March 22
Gender: Male
Status:
Offline

Re: Log check - pluginsd.js error

Post by nohic » 12 Apr 2022 05:41

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2022 03
Ran by U50457 (12-04-2022 05:37:50)
Running from C:\Users\U50457\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.1620 (X64) (2020-10-26 12:32:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3169971691-1478504625-2396636365-500 - Administrator - Enabled)
DefaultAccount (S-1-5-21-3169971691-1478504625-2396636365-503 - Limited - Disabled)
Guest (S-1-5-21-3169971691-1478504625-2396636365-501 - Limited - Disabled)
OEM (S-1-5-21-3169971691-1478504625-2396636365-1001 - Limited - Disabled) => C:\Users\OEM
WDAGUtilityAccount (S-1-5-21-3169971691-1478504625-2396636365-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Symantec Endpoint Protection (Enabled - Up to date) {FC90FA28-5CE6-9068-FC99-1C67339C0047}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Symantec Endpoint Protection (Enabled) {C4AB7B0D-1689-9130-D7C6-B552CD4F473C}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{ebb135fb-d587-4f7a-8c91-eca79031d792}) (Version: 21.30.2 - Intel Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
Docházka (HKLM-x32\...\{30D67C8D-244A-4A83-90B4-AF541FD8A551}) (Version: 1.0.0 - Třinecké železárny, a. s.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Check Point Identity Agent (HKLM-x32\...\{4BF5B7F6-938A-419A-AA82-6F56F1B798B9}) (Version: 81.023.0000 - Check Point Software Technologies Ltd.)
IBM Notes 9.0.1 Social Edition cs (HKLM-x32\...\{13496F6E-C212-492E-9DA4-C2EB4FBA6B44}) (Version: 9.01.14049 - IBM)
Intel(R) Computing Improvement Program (HKLM\...\{F6B5BD59-21F0-47F8-A6C6-63BAEB1A6569}) (Version: 2.1.03720 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2024.14.0.1655 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{15998D77-1F78-43EE-96D4-1067ECAA2412}) (Version: 3.5.2247 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{69bc85f1-55f9-44f2-b5df-3840fe07854c}) (Version: 1.61.251.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001050-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.50.1 - Intel Corporation)
Intel® Online Connect (HKLM-x32\...\{6b556278-d555-4d14-ac99-8ad600578a95}) (Version: 1.3.13.0 - Intel Corporation)
KONICA MINOLTA C360i_C4050i_C4000i_C3320iSeries (HKLM\...\KONICA MINOLTA C360i_C4050i_C4000i_C3320iSeries Installer) (Version: - KONICA MINOLTA)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.23 - Lenovo) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.11.20.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.36 - Microsoft Corporation)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.15028.20160 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3169971691-1478504625-2396636365-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 99.0 (x64 cs)) (Version: 99.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15028.20050 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20094 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
RogueKiller version 15.4.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.4.0.0 - Adlice Software)
SAP GUI for Windows 7.40 (Patch 13) (HKLM-x32\...\SAPGUI) (Version: 7.40 Compilation 3 - SAP SE)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Symantec Endpoint Protection (HKLM\...\{EDA35EBE-E7E4-42E2-9B20-E3A68DE9B0D0}) (Version: 14.3.5413.3000 - Broadcom)
Thunderbolt™ Software (HKLM-x32\...\{1AA93FF8-C685-4E00-8682-7F2E5D8E8689}) (Version: 17.4.80.550 - Intel Corporation)
TightVNC (HKLM\...\{DEE0B752-52D8-4615-9BEE-1EDA46628960}) (Version: 2.8.8.0 - GlavSoft LLC.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VNC Mirror Driver 1.8.0 (HKLM\...\VNCMirror_is1) (Version: 1.8.0 - RealVNC Ltd.)
WALTR HEIC Converter version 1.1.4 (HKLM\...\{E312C002-A6C4-5F1E-2BF2-3F6348653080}_is1) (Version: 1.1.4 - Softorino, Inc.)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-03-30] (Microsoft Corporation)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_2.0.0.3_neutral__s63fsn2sety0r [2021-07-01] (KONICA MINOLTA INC)
Mapy.cz -> C:\Program Files\WindowsApps\949FFEAB.Mapy.cz_8.1.1.0_x64__refxrrjvvv3cw [2022-03-31] (Seznam.cz a.s.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-14] (Microsoft Corporation) [MS Ad]
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2021-12-09] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0 [2022-03-30] (Spotify AB) [Startup Task]
Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.1.20151.0_x64__8wekyb3d8bbwe [2022-03-31] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{A434F5F0-76CF-4ED2-8D3A-8840D7F0C2D8} -> [iCloud Drive] =>
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{DDEE5329-CDCF-4C31-A3D2-5D39FC757ECA} -> [Fotky na iCloudu] =>
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0801.0008_1\amd64\FileSyncShell64.dll [2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\vpshell2.dll [2022-01-21] (Symantec Corporation -> Broadcom)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\vpshell2.dll [2022-01-21] (Symantec Corporation -> Broadcom)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0801.0008_1\amd64\FileSyncShell64.dll [2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\19.152.0801.0008_1\amd64\FileSyncShell64.dll [2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\igfxDTCM.dll [2022-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [LDVPMenu] -> {8BEEE74D-455E-4616-A97A-F6E86C317F32} => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\vpshell2.dll [2022-01-21] (Symantec Corporation -> Broadcom)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-04] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2326126467-407937288-474921760-20846: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.ACDV] => ACDV.dll
HKLM\...\Drivers32: [VIDC.CFHD] => CFHD.dll
HKLM\...\Drivers32-x32: [VIDC.ACDV] => ACDV.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-01-20 10:28 - 2022-01-20 10:28 - 000090112 _____ () [File not signed] C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\402\1\.cp\swtIbmWrapper.dll
2022-01-20 10:37 - 2022-01-20 10:37 - 006119424 _____ () [File not signed] C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\608\1\.cp\os\win32\x86\PhoneGridGIPS.dll
2022-01-20 10:38 - 2022-01-20 10:38 - 000075776 _____ () [File not signed] C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\896\1\.cp\os\win32\NativeNetInfo.dll
2013-10-02 16:22 - 2013-10-02 16:22 - 000053248 _____ () [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\eclipse_1406.dll
2013-10-02 16:22 - 2013-10-02 16:22 - 000110592 _____ () [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\pipeserver.dll
2013-10-02 16:22 - 2013-10-02 16:22 - 000208896 _____ () [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.os.win32_9.0.1.20131002-1404\os\win32\x86\os.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000049152 _____ () [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.ui.browser.launcher_9.0.1.20180425-1159\os\win32\x86\browserlauncher.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000151552 _____ () [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\swtxpcom.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 001904640 _____ () [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\mozjs.dll
2022-01-20 10:21 - 2017-04-05 10:44 - 000199168 _____ () [File not signed] C:\Notes\libpng16.dll
2013-10-15 02:22 - 2018-04-26 00:01 - 000003584 _____ () [File not signed] C:\Notes\ndgts.dll
2013-10-15 02:25 - 2018-04-25 23:57 - 002287104 _____ () [File not signed] C:\Notes\nlsxbe.DLL
2013-10-15 02:39 - 2018-04-25 23:59 - 028739072 _____ () [File not signed] C:\Notes\nnotes.dll
2013-10-15 02:38 - 2018-04-25 23:58 - 025215488 _____ () [File not signed] C:\Notes\nnotesws.dll
2022-01-20 10:21 - 2022-01-20 10:21 - 001180672 _____ () [File not signed] C:\Notes\NSTRINGS.DLL
2022-01-20 10:28 - 2022-01-20 10:28 - 000118784 _____ (Eclipse Foundation) [File not signed] C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\402\1\.cp\swt-gdip-win32-3740.dll
2022-01-20 10:28 - 2022-01-20 10:28 - 000430080 _____ (Eclipse Foundation) [File not signed] C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\402\1\.cp\swt-win32-3740.dll
2022-01-20 10:28 - 2022-01-20 10:28 - 000045056 _____ (IBM Corp) [File not signed] C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\996\1\.cp\os\win32\notesbootstrap.dll
2013-10-15 01:28 - 2013-10-15 01:28 - 000375296 _____ (IBM Corp) [File not signed] C:\Notes\js32.dll
2013-10-15 02:37 - 2013-10-15 02:37 - 000011264 _____ (IBM Corp) [File not signed] C:\Notes\namhook.DLL
2013-10-15 02:26 - 2013-10-15 02:26 - 000020992 _____ (IBM Corp) [File not signed] C:\Notes\nDBnotes.DLL
2013-10-15 02:23 - 2017-08-15 04:02 - 000436736 _____ (IBM Corp) [File not signed] C:\Notes\ndxlo.dll
2013-10-15 02:25 - 2013-10-15 02:25 - 000011264 _____ (IBM Corp) [File not signed] C:\Notes\nhkdaemn.DLL
2013-10-15 02:28 - 2013-10-15 02:28 - 000006144 _____ (IBM Corp) [File not signed] C:\Notes\nhldaemn.DLL
2013-10-15 02:27 - 2017-08-15 04:07 - 001960960 _____ (IBM Corp) [File not signed] C:\Notes\NLSCCSTR.DLL
2013-10-15 02:36 - 2017-08-15 04:20 - 000108544 _____ (IBM Corp) [File not signed] c:\Notes\nnoteswc.dll
2013-10-15 02:35 - 2013-10-15 02:35 - 000078336 _____ (IBM Corp) [File not signed] C:\Notes\nNTCP.DLL
2013-10-15 02:35 - 2013-10-15 02:35 - 000031744 _____ (IBM Corp) [File not signed] C:\Notes\nplugins.dll
2013-10-15 02:34 - 2013-10-15 02:34 - 000028160 _____ (IBM Corp) [File not signed] C:\Notes\nTCP.DLL
2013-10-15 02:22 - 2013-10-15 02:22 - 000109056 _____ (IBM Corp) [File not signed] C:\Notes\ntlupdat.DLL
2013-10-15 02:25 - 2013-10-15 02:25 - 000081920 _____ (IBM Corp) [File not signed] C:\Notes\nwrdaemndll.DLL
2013-10-15 02:23 - 2013-10-15 02:23 - 000106496 _____ (IBM Corp) [File not signed] C:\Notes\nxmlcommon.dll
2013-10-15 02:24 - 2017-08-15 04:03 - 003212288 _____ (IBM Corp) [File not signed] C:\Notes\nxmlproc.dll
2013-10-15 02:27 - 2013-10-15 02:27 - 000040960 _____ (IBM Corp) [File not signed] C:\Notes\nxpm.dll
2013-10-15 01:55 - 2018-04-26 00:02 - 004548608 _____ (IBM) [File not signed] C:\Notes\nsdhelp.dll
2022-01-20 10:38 - 2022-01-20 10:38 - 000008192 _____ (International Business Machines Corporation) [File not signed] C:\Notes\Data\workspace\.config\org.eclipse.osgi\bundles\746\1\.cp\os\win32\x86\ActivityMonitor.dll
2013-10-15 00:54 - 2013-10-15 00:54 - 000175104 _____ (Lotus Development Corporation.) [File not signed] C:\Notes\LTOUIN22.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000008704 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\mozalloc.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000026624 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\mozutils.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000167936 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\nspr4.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000638976 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\nss3.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000098304 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\nssutil3.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000014848 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\plc4.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000011776 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\plds4.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000098304 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\smime3.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000163840 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\softokn3.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000151552 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\ssl3.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000012288 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\xpcom.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 014643200 _____ (Mozilla Foundation) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\xul.dll
2022-01-20 10:22 - 2022-01-20 10:22 - 000364544 _____ (sqlite.org) [File not signed] C:\Notes\framework\rcp\eclipse\plugins\com.ibm.rcp.xulrunner.runtime.win32.x86_9.0.1.20180425-1159\xulrunner\mozsqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSettings_{9E78FE08-0A10-4910-8555-B47C5C97A7E0}.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSettings_{A4D3C896-5584-4740-86EC-BA8E4E3D9F26}.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSettings_{C6B0F072-7178-4655-8ABE-C08EAB73DD16}.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSettings_{FC2F6DB3-0652-459A-85F4-3A58EB518729}.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3169971691-1478504625-2396636365-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17swin10.msn.com/?pc=LJSE
HKU\S-1-5-21-3169971691-1478504625-2396636365-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17swin10.msn.com/?pc=LJSE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2017-04-27] (SAP SE -> SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2017-04-27] (SAP SE -> SAP, Walldorf)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-04-08 05:46 - 2022-04-12 03:59 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-08-12 11:41 - 2022-03-23 06:34 - 000000741 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
6 28 10 560
68.137.1 W-SAS-2017082.mshome.net # 2025 3 6 1 4 28 43 770
944
338
761
145

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\CineForm\Tools;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;c:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;c:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2326126467-407937288-474921760-20846\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3169971691-1478504625-2396636365-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Signature\Signature01.jpg
DNS Servers: 172.25.11.240 - 172.25.11.241
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Wi-Fi: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: cplspcon => 2
MSCONFIG\Services: DSAService => 2
MSCONFIG\Services: ESRV_SVC_QUEENCREEK => 2
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: IBMPMSVC => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Online Connect => 3
MSCONFIG\Services: Intel(R) Online Connect Helper => 2
MSCONFIG\Services: Intel(R) Online Connect Software Asset Manager => 3
MSCONFIG\Services: Intel(R) SUR QC SAM => 3
MSCONFIG\Services: Intel(R) TechnologyAccessService => 2
MSCONFIG\Services: Lenovo Instant On => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: LNSUSvc => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: RmcSvc => 2
MSCONFIG\Services: ssh-agent => 3
MSCONFIG\Services: SUService => 3
MSCONFIG\Services: SWUpdateService => 2
MSCONFIG\Services: SystemUsageReportSvc_QUEENCREEK => 2
MSCONFIG\Services: TPHKLOAD => 2
MSCONFIG\Services: ZeroConfigService => 2
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKLM\...\StartupApproved\Run32: => "PDFHook"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CBA39EBE-BD27-4E1B-A9C2-6BB91CE53DAC}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{3504C373-E360-4017-AA02-DD0B267DC7BD}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{CD3C58E5-35FD-4EC3-B153-D799B0EF3FD9}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{A2AEF3F2-E94B-4552-B6CE-13046C141E16}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{879F2A3D-D601-4295-A571-04B388D4020E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DD8B9022-148C-409F-BD54-D121CCC60276}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe (Symantec Corporation -> Broadcom)
FirewallRules: [{465514E9-E1E1-4864-9D9D-AB5840D89EF9}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe (Symantec Corporation -> Broadcom)
FirewallRules: [{482FCE7C-A64A-48F8-B55E-185A651C771C}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\snac64.exe (Symantec Corporation -> Broadcom)
FirewallRules: [{EE3568E0-48B9-43DF-B008-435D5DCABF83}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\snac64.exe (Symantec Corporation -> Broadcom)
FirewallRules: [{1A34248D-A17A-489E-A4AF-8B4C43F32846}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69801EF7-9AA1-4D72-B340-21A6254F4D58}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3A22B7D3-AB04-46E9-B5E7-896DDB01612A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F7274BD-84A9-4D67-9CB0-7DA6B148FAAA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D36B3314-5C3B-4A2F-B9AE-B7B7081D7C87}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC -> GlavSoft LLC.)
FirewallRules: [{9C02F1C3-4BF9-4CDD-84AC-EE05B72E5BAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1B506F40-85D7-4C27-81AB-6DB0D8008BE5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{152AB952-C421-4A98-8CDC-F56446DA2E34}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88078017-6B04-4AB8-ABD3-B718256C7F61}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{463F65C6-6848-4986-AAA9-8FBCA8512B44}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FA2FCF7-936B-4302-8D4E-3BED08B07417}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D0E6EA61-7B3C-4BBC-B548-FAB30440AD51}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D42DC289-744F-4CE2-9558-26D4B2CE7FB3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{570E1871-69B8-4C42-AEBF-6DC797E4730F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{449F4DFB-464D-48CC-8EF9-07C94E1C1F73}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A63AC743-CFE6-4CDD-AFCE-3F06A4181C97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D211A8D0-BFD3-4C20-886E-281121C14E6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D6BB800A-0F70-418B-8F84-F9B575265781}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45AE72DB-4554-4106-82D9-923E51C00E04}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{41B3B290-9568-4C68-88FA-D70396F8CD65}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{15DC8FCA-C216-459F-82C6-AA5B7581640B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.182.758.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1DE620B9-D596-49D2-BEA8-646FA18C784C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{235CE627-5429-4F2A-B86D-AD6562078234}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{94C8205A-5FDC-425B-A7B7-C1BF90C9C5ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2FA4D9C-3834-4B64-9558-70B95119D3E3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

28-03-2022 11:48:39 Nainstalováno FormApps Signing Extension.
31-03-2022 06:46:56 Removed ELVIS
31-03-2022 09:34:26 Removed Thunderbolt™ Software
31-03-2022 12:22:41 Driver Booster : Synaptics Pointing Device
31-03-2022 13:21:42 Removed Java 8 Update 321
31-03-2022 13:22:28 Removed Microsoft Edge
01-04-2022 05:43:27 AdwCleaner_BeforeCleaning_01/04/2022_05:43:26
05-04-2022 05:49:30 AdwCleaner_BeforeCleaning_05/04/2022_05:49:30
05-04-2022 05:51:30 JRT Pre-Junkware Removal
05-04-2022 06:20:04 Installed Sophos Virus Removal Tool.
06-04-2022 06:41:37 zoek.exe restore point
06-04-2022 09:40:10 Installed Docházka

==================== Faulty Device Manager Devices ============

Name: ThinkPad T570 STM TPM Firmware 71.16 (from 71.4/71.12)
Description: ThinkPad T570 STM TPM Firmware 71.16 (from 71.4/71.12)
Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
Manufacturer: Lenovo Ltd.
Service:
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/11/2022 05:53:46 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (04/11/2022 05:53:34 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2326126467-407937288-474921760-6476.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {d518cd86-07fa-4b56-9ff5-111db2b55dac}

Error: (04/11/2022 05:53:34 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {813ce748-d322-42d2-8ef3-291603d5975b}

Error: (04/11/2022 05:53:34 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2326126467-407937288-474921760-6476.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {d518cd86-07fa-4b56-9ff5-111db2b55dac}

Error: (04/08/2022 05:47:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LenovoVantage-(GenericMessagingAddin).exe, verze: 3.11.20.0, časové razítko: 0xcbbdf094
Název chybujícího modulu: SLSCore.dll_unloaded, verze: 1.0.0.877, časové razítko: 0x61bb8c3e
Kód výjimky: 0xc0000005
Posun chyby: 0x0017adf0
ID chybujícího procesu: 0x2b40
Čas spuštění chybující aplikace: 0x01d84a3735413468
Cesta k chybující aplikaci: C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(GenericMessagingAddin).exe
Cesta k chybujícímu modulu: SLSCore.dll
ID zprávy: 94c6e340-e14e-4c50-ac78-29758eaa5af5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/08/2022 05:47:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LenovoVantage-(GenericMessagingAddin).exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 63F5ADF0

Error: (04/08/2022 05:45:38 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (04/08/2022 05:45:38 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (04/11/2022 05:44:43 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 05:44:43 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 05:44:42 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 05:44:42 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 11:58:55 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 11:58:55 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (04/11/2022 11:57:23 AM) (Source: Application Management Group Policy) (EventID: 108) (User: NT AUTHORITY)
Description: Nepodařilo se použít změny nastavení instalace softwaru. Změny softwaru se nepodařilo použít. Měla by existovat položka protokolu s podrobnostmi. Došlo k chybě: %Změny softwaru se nepodařilo použít. Měla by existovat položka protokolu s podrobnostmi.612.

Error: (04/11/2022 11:57:23 AM) (Source: Application Management Group Policy) (EventID: 102) (User: NT AUTHORITY)
Description: Nepodařilo se nainstalovat aplikaci MagikAUDIT Client uvedenou v zásadách GPO4-ST-wks-MAGIK_AUDIT. Došlo k chybě: %MagikAUDIT Client612.


CodeIntegrity:
===============
Date: 2022-04-11 11:58:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\symamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2022-04-11 11:57:59
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\WSCSAvNotifier.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-04-11 11:57:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\symamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO N1VET59W (1.49 ) 12/01/2021
Motherboard: LENOVO 20HAS0B200
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 8015.69 MB
Available physical RAM: 3443.35 MB
Total Virtual: 8527.69 MB
Available Virtual: 3436.53 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.23 GB) (Free:137.81 GB) NTFS

\\?\Volume{9a3e8f31-2f3e-4c95-8abd-d24e47b16a30}\ () (Fixed) (Total:0.98 GB) (Free:0.46 GB) NTFS
\\?\Volume{0ed2b81e-c2c6-4c68-aa59-5a4891eb8998}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C2232F95)

Partition: GPT.

==================== End of Addition.txt =======================


The error still appears, again twice. I already posted the screenshot here.


Re: Log check - pluginsd.js error

Post by jaro3 » 12 Apr 2022 16:45

AV: Symantec Endpoint Protection (Enabled - Up to date) {FC90FA28-5CE6-9068-FC99-1C67339C0047}
FW: Symantec Endpoint Protection (Enabled) {C4AB7B0D-1689-9130-D7C6-B552CD4F473C}
Once again, neither the antivirus nor the firewall is turned off.


Task: {CEE69677-9C22-49D4-BF28-7AA25A2898A5} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js (No File)
It belongs to the TinyTask program; did you uninstall it?
Have you installed or uninstalled anything recently? Otherwise it looks like disk errors.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.


Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0F1A12B3-6D23-40B2-B2DD-C347CD85314A} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {64975F98-18DA-4BEF-9F2D-EBB123C10B60} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2326126467-407937288-474921760-6476 => C:\Users\U50457\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {6DCB50AC-6925-4E1E-84C9-9AD670B2655A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {7AEDD8A1-8F3D-4EAC-9D02-48610472338D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {8B0B41E5-2F22-421C-B561-65E04D1666B4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {A6647466-A512-495E-9498-B262A52A20A8} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2326126467-407937288-474921760-6476 => C:\Users\U50457\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {AAD434FA-3E9A-416E-AA48-6511AA0B1EE3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {ACC9F884-A1E5-428A-A75F-A5042C047F0C} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js (No File)
Task: {CEE69677-9C22-49D4-BF28-7AA25A2898A5} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js (No File)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
U1 aswbdisk; no ImagePath
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-2326126467-407937288-474921760-20846_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe => No File
ShellIconOverlayIdentifiers: [  MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [  MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [  MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers-x32: [  MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [  MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [  MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_S-1-5-21-2326126467-407937288-474921760-20846: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => -> No File
FirewallRules: [{1DE620B9-D596-49D2-BEA8-646FA18C784C}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{235CE627-5429-4F2A-B86D-AD6562078234}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Download CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Run the program and click Edit > Copy. Then paste the log content here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
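
Added example (not part of the original post, and not FRST's own logic): a small Python triage of the `Task:` lines from the fixlist above, separating the launched file from its arguments and marking entries worth a manual look. The flag names, the script-extension list, the `C:\Users\Default` check and the 0.85 name-similarity threshold are assumptions of this example.

```python
import re
from dataclasses import dataclass, field
from difflib import SequenceMatcher

# Sample input: five Task lines copied from the fixlist in the post above.
SAMPLE_LINES = r"""
Task: {0F1A12B3-6D23-40B2-B2DD-C347CD85314A} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {8B0B41E5-2F22-421C-B561-65E04D1666B4} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {AAD434FA-3E9A-416E-AA48-6511AA0B1EE3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {ACC9F884-A1E5-428A-A75F-A5042C047F0C} - System32\Tasks\TiniTask => C:\Users\Default\Links\pluginsd.js (No File)
Task: {CEE69677-9C22-49D4-BF28-7AA25A2898A5} - System32\Tasks\TinyTask => C:\Users\Default\Links\plugins.js (No File)
""".strip().splitlines()

TASK_RE = re.compile(
    r"^Task: \{(?P<guid>[0-9A-Fa-f-]{36})\} - (?P<name>.+?) => (?P<action>.+)$")
# Path up to the first ".ext" followed by whitespace or end of line, so that
# "Program Files (x86)" and trailing arguments do not confuse the split.
TARGET_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.*?\.[A-Za-z0-9]{1,4})(?=\s|$)")
NO_FILE = "(No File)"

# Assumptions of this example (not FRST settings):
SCRIPT_EXTS = {".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta", ".ps1", ".bat", ".cmd"}
DEFAULT_PROFILE_RE = re.compile(r"^[a-z]:\\users\\default\\", re.IGNORECASE)
LOOKALIKE_RATIO = 0.85


@dataclass
class TaskEntry:
    guid: str
    name: str        # task path as FRST prints it, e.g. System32\Tasks\TinyTask
    target: str      # file the task launches, without arguments
    missing: bool    # FRST printed "(No File)" for the target
    flags: list = field(default_factory=list)


def leaf(task_name):
    """Last component of the task path (the name shown in Task Scheduler)."""
    return task_name.rsplit("\\", 1)[-1]


def parse_task_line(line):
    """Parse one FRST 'Task:' line; return None for any other line."""
    m = TASK_RE.match(line.strip())
    if not m:
        return None
    action = m["action"]
    missing = action.endswith(NO_FILE)
    if missing:
        action = action[: -len(NO_FILE)].rstrip()
    t = TARGET_RE.match(action)
    target = t["path"] if t else action
    return TaskEntry(m["guid"], m["name"], target, missing)


def triage(entries):
    """Attach review flags to each entry and return the same list."""
    for e in entries:
        low = e.target.lower()
        ext = low[low.rfind("."):] if "." in low else ""
        if e.missing:
            e.flags.append("orphaned")              # task remains, file is gone
        if ext in SCRIPT_EXTS:
            e.flags.append("script-target")         # runs through a script host
        if DEFAULT_PROFILE_RE.match(low):
            e.flags.append("default-profile-path")  # new-account template folder
    # Two different task names that are almost identical deserve a second look.
    for i, a in enumerate(entries):
        for b in entries[i + 1:]:
            la, lb = leaf(a.name).lower(), leaf(b.name).lower()
            if la != lb and SequenceMatcher(None, la, lb).ratio() >= LOOKALIKE_RATIO:
                a.flags.append("lookalike-name")
                b.flags.append("lookalike-name")
    return entries


def analyze(lines):
    """Parse all Task lines in a log excerpt and triage them."""
    return triage([e for e in map(parse_task_line, lines) if e is not None])


if __name__ == "__main__":
    for entry in analyze(SAMPLE_LINES):
        print(f"{leaf(entry.name):<60} {entry.target}  {entry.flags}")
```

Entries flagged only `orphaned` are leftovers of removed software; entries that also carry other flags are the ones to check on the machine before and after the fix.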


Re: Log check - pluginsd.js error

Post by nohic » 13 Apr 2022 06:13

Symantec was not turned off, because I probably can't turn it off. Our company's network administrators have it set up that way. I set the application to "Disabled", but as you can see, it doesn't work anyway...

The network administrator uninstalled some programs for me when he was doing maintenance recently, but the error was already showing up before that... it has been going on for a while. I wanted to reinstall the whole system, but in the end I dropped that idea and am solving it here with you. The network administrator can't deal with it and brushed me off with: "well, it doesn't pop up that often, you just click it away". So there... :-)

Fixlist run with FRST.

CrystalDiskInfo:
----------------------------------------------------------------------------
CrystalDiskInfo 8.16.1 (C) 2008-2022 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 19044] (x64)
Date : 2022/04/13 6:11:43

-- Controller Map ----------------------------------------------------------
- Řadič prostorů úložišť [SCSI]
+ Surface NVM Express Controller [SCSI]
- SAMSUNG MZVLW256HEHP-000L7

-- Disk List ---------------------------------------------------------------
(01) SAMSUNG MZVLW256HEHP-000L7 : 256,0 GB [0/0/0, sq] - nv

----------------------------------------------------------------------------
(01) SAMSUNG MZVLW256HEHP-000L7
----------------------------------------------------------------------------
Model : SAMSUNG MZVLW256HEHP-000L7
Firmware : 5L7QCXB7
Serial Number : S35ENX0J828462
Disk Size : 256,0 GB
Interface : NVM Express
Standard : NVM Express 1.2
Transfer Mode : PCIe 3.0 x2 | PCIe 3.0 x4
Power On Hours : 2642 hodin
Power On Count : 969 krát
Host Reads : 17567 GB
Host Writes : 16939 GB
Temperature : 33 C (91 F)
Health Status : Dobrý (95 %)
Features : S.M.A.R.T., TRIM, VolatileWriteCache
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000 Kritické varování
02 000000000132 Složená teplota
03 000000000064 Rezerva k dispozici
04 00000000000A Dostupná náhradní prahová hodnota
05 000000000005 Použité procento
06 000002322641 Čtení datových jednotek
07 0000021E0DC3 Zapsané datové jednotky
08 0000390DE387 Příkazy pro hostitelské čtení
09 00002788A710 Příkazy pro zápis hostitele
0A 00000000086B Čas obsazení řadiče
0B 0000000003C9 Napájecí cykly
0C 000000000A52 Hodiny napájení
0D 00000000004C Nebezpečné vypnutí
0E 000000000000 Chyby v médiích a integritě dat
0F 000000000A75 Počet položek protokolu chybových informací



Re: Log check - pluginsd.js error

Post by nohic » 13 Apr 2022 08:38

So far it looks like the problem has finally been resolved; the error has not appeared yet.

SO FOR NOW, THANK YOU VERY MUCH FOR THE HELP WITH THE PROBLEM. :clap: :clap: :clap:


Re: Kontola logu - chyba pluginsd.js

Post by jaro3 » 13 Apr 2022 16:09

I need the log after the deletions, to check whether everything was deleted.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

nohic

Post by nohic » 14 Apr 2022 05:49

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2022 01
Ran by U50457 (administrator) on W-SAS-2017082 (LENOVO 20HAS0B200) (14-04-2022 05:46:38)
Running from C:\Users\U50457\Desktop
Loaded Profiles: U50457
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1620 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\igfxEM.exe
(rmc.exe ->) (MagikINFO s.r.o. -> MagikINFO s.r.o.) C:\Program Files\PCService\winmgr.exe
(services.exe ->) (Broadcom Inc -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\sepWscSvc64.exe
(services.exe ->) (GlavSoft LLC -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe <2>
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Identity Agent\MADService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fa58b8086803cc6e\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_69d915519e0a2ac8\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (International Business Machines Corporation -> IBM) C:\Notes\nsd.exe
(services.exe ->) (MagikINFO s.r.o. -> ) C:\Windows\System32\rmc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe <2>
(services.exe ->) (Symantec Corporation -> Broadcom) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\ccSvcHst.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1725408 2017-03-14] (GlavSoft LLC -> GlavSoft LLC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-02-14] (Adobe Inc. -> )
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-02-14] (Adobe Inc. -> )
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1592440 2019-09-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [MicrosoftEdgeAutoLaunch_0FA2AAF1B1FBAB38F04D00347C40E9AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540400 2022-04-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-2326126467-407937288-474921760-20846\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\KOAYTJ_P: C:\Windows\System32\spool\prtprocs\x64\KOAYTJ_P.dll [92680 2016-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Windows x64\Print Processors\OKX055PP: C:\Windows\System32\spool\prtprocs\x64\OKX055PP.DLL [52224 2015-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Windows x64\Print Processors\OPATPP3: C:\Windows\System32\spool\prtprocs\x64\OPATPP3.DLL [41984 2013-05-15] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\C364SeriesPCL Language Monitor: C:\WINDOWS\system32\KOAYTJ_L.DLL [25608 2016-02-11] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\C4050iSeriesPCL Language Monitor: C:\WINDOWS\system32\KOAXNJ_L.dll [34328 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\Oki Common XP64 Language Monitor: C:\WINDOWS\system32\OKLMON64.DLL [27648 2009-06-25] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\Oki Language Monitor v2 x64: C:\WINDOWS\system32\OPPFLM64.DLL [24064 2011-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FB7E9E5-6AB6-489C-8477-6EBC3E86FB4B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {1591E91C-395A-4C98-9895-38E0C8442981} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {1CA8418A-6EE6-4E3C-B5A9-90AA01A398CF} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Autofix => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\SymErr.exe [91048 2022-04-12] (Symantec Corporation -> Broadcom)
Task: {20941E6C-0A23-4B67-BC98-97F37C8F8439} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {22204366-8591-40F2-9F1E-5E1277421EF0} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {25A557DA-10C5-4967-AD4B-BBAC0A4B1D03} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {52DD7655-B0EB-40E7-A491-A7EF53E81C9A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111512 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {586178B8-BBD7-4292-933E-78670E05B477} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {5D4F8AD9-035C-4B13-8131-A9C232AB035A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {6B591284-C384-4493-96D7-60D4840F9D39} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6E1E4B72-0F44-4F8D-BE71-E68172E577C5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {76583926-0678-423E-9191-89585AB66863} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {87E97DFE-3A24-431B-BCC4-33CA474C1488} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [63936 2021-12-03] (Lenovo -> )
Task: {917017BA-C9A6-45CF-8693-32386DA5A26F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F4DD0B8-AD7D-4087-9CE4-BE61E5C81901} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {B0A0DB4C-4785-4F0C-9970-5C780A1FB29B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {B50D20FC-F4FA-4390-8478-755219F39CBA} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {BB95D785-9FB3-4BE1-910F-189CF7FD1A66} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111512 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEBF62D4-6903-4A94-B000-F3EDD1D8328E} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (No File)
Task: {BFD69B42-E164-47E4-B950-6792085030BA} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
Task: {C0E14173-DC2E-40FB-A021-E3CC6EB98C63} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {CABB4DD7-10BA-4909-A6BA-7D0F288A22BD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {D24AFE09-E2EF-4CA1-9B28-D50D24BF3E5B} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {D9F335B2-255A-4598-A900-1B0F195DEDB0} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {E6996D20-94A4-4C57-B4D5-1CA026343F34} - \OneDrive Standalone Update Task-S-1-5-21-2326126467-407937288-474921760-6476 -> No File <==== ATTENTION
Task: {F72CC75A-A945-4FA2-8B94-A3A1FC968B53} - System32\Tasks\CCleanerSkipUAC - U50457 => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F9769154-285E-4213-83C1-42716BBEC662} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Analyzer => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\SymErr.exe [91048 2022-04-12] (Symantec Corporation -> Broadcom)
Task: {F9A7493E-4AE5-4BEE-A18E-637F3905D903} - System32\Tasks\Symantec Endpoint Protection\Symantec Endpoint Protection Error Processor => C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\SymErr.exe [91048 2022-04-12] (Symantec Corporation -> Broadcom)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 1 <==== ATTENTION (Restriction - ProxySettings)
Tcpip\..\Interfaces\{5d47e6f9-bbab-4d6b-8fb8-231c4eefb5c5}: [DhcpNameServer] 78.157.167.7 78.157.167.57
Tcpip\..\Interfaces\{f4e53463-c8e3-4f88-92e1-c2669401e0c7}: [NameServer] 172.25.11.240,172.25.11.241

Edge:
=======
DownloadDir: C:\Users\U50457\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\U50457\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-04-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\U50457\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-11]

FireFox:
========
FF DefaultProfile: avl24k64.default-1648801245445
FF ProfilePath: C:\Users\U50457\AppData\Roaming\Mozilla\Firefox\Profiles\avl24k64.default-1648801245445 [2022-04-14]
FF NewTab: Mozilla\Firefox\Profiles\avl24k64.default-1648801245445 -> about:newtab
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
R2 IBM Notes Diagnostics; c:\Notes\nsd.exe [5167680 2018-04-26] (International Business Machines Corporation -> IBM)
S4 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [575216 2018-02-23] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [306928 2018-02-23] (Intel(R) Online Connect -> Intel Corporation)
S4 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-12-21] (Intel(R) Software Asset Manager -> Intel Corporation)
S4 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [395000 2018-03-01] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S4 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe [28928 2022-01-20] (Lenovo -> Lenovo Group Ltd.)
S4 LNSUSvc; c:\Notes\SUService.exe [1654376 2013-10-15] (International Business Machines Corporation -> IBM Corp)
S4 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
R2 MADService; C:\Program Files (x86)\CheckPoint\Identity Agent\MADService.exe [2056920 2021-06-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-04] (Malwarebytes Inc -> Malwarebytes)
R2 RmcSvc; C:\WINDOWS\System32\rmc.exe [200288 2020-01-01] (MagikINFO s.r.o. -> )
R2 RmcSvc; C:\WINDOWS\SysWOW64\rmc.exe [200288 2020-01-01] (MagikINFO s.r.o. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254864 2022-03-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SepLpsService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe [156584 2022-04-12] (Symantec Corporation -> Broadcom)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin\ccSvcHst.exe [156584 2022-04-12] (Symantec Corporation -> Broadcom)
R2 SepScanService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\bin64\ccSvcHst.exe [191912 2022-04-12] (Symantec Corporation -> Broadcom)
R2 sepWscSvc; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\sepWscSvc64.exe [1369512 2022-04-12] (Broadcom Inc -> Broadcom)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Bin64\snac64.exe [215320 2022-04-12] (Symantec Corporation -> Broadcom)
S4 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3298208 2017-10-11] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [254112 2022-02-16] (Intel Corporation -> Intel Corporation)
S4 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\TPHKLOAD.exe [465192 2021-03-30] (Lenovo -> Lenovo Group Limited)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1725408 2017-03-14] (GlavSoft LLC -> GlavSoft LLC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S4 Lenovo Instant On; "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleIPod; C:\WINDOWS\System32\drivers\AppleIPod.sys [30096 2021-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\Definitions\BASHDefs\20220413.011\BHDrvx64.sys [2018776 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ccSettings_{C6B0F072-7178-4655-8ABE-C08EAB73DD16}; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\ccSetx64.sys [192320 2022-04-12] (Symantec Corporation -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2022-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\Definitions\IPSDefs\20220413.071\IDSvia64.sys [1480144 2022-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
S3 IMFEFSFileControl; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2019-08-13] (IObit Information Technology -> IObit)
S3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-04] (Malwarebytes Inc -> Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [51256 2018-03-01] (Intel(R) Online Connect Access -> Intel Corporation)
R1 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
R1 SRTSP; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\SymPlatform\SRTSP64.SYS [941024 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\SRTSPX64.SYS [42448 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SyDvCtrl; C:\WINDOWS\system32\Drivers\SEP\0E031525\0BB8.105\x64\sydvctrl64.sys [37368 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\symefasi\0704020.03D\symefasi64.sys [2048976 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\SymELAM.sys [25608 2022-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [93120 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 SymEvnt; C:\ProgramData\Symantec\Symantec Endpoint Protection\14.3.5413.3000.105\Data\SymPlatform\SymEvnt.sys [623192 2022-04-12] (Symantec Corporation -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\Ironx64.SYS [312280 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SYMNETS; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\symnets.sys [574320 2022-04-12] (Symantec Corporation -> Broadcom)
R1 SysPlant; C:\WINDOWS\System32\Drivers\SEP\0E031525\0BB8.105\x64\sysplant.sys [263216 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 Teefer2; C:\WINDOWS\system32\DRIVERS\Teefer.sys [113104 2022-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 vna_ap; C:\WINDOWS\system32\DRIVERS\vnaap.sys [178920 2017-02-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 vncmirror; C:\WINDOWS\System32\drivers\vncmirror.sys [4608 2008-10-14] (Microsoft Windows Hardware Compatibility Publisher -> RealVNC Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-14 05:46 - 2022-04-14 05:47 - 000026209 _____ C:\Users\U50457\Desktop\FRST.txt
2022-04-14 05:45 - 2022-04-14 05:46 - 002365952 _____ (Farbar) C:\Users\U50457\Desktop\FRST64.exe
2022-04-13 09:13 - 2022-04-13 09:24 - 000000000 ____D C:\Users\U50457\AppData\Roaming\Mp3tag
2022-04-13 09:13 - 2022-04-13 09:13 - 000001055 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2022-04-13 09:13 - 2022-04-13 09:13 - 000000000 ____D C:\Program Files (x86)\Mp3tag
2022-04-13 09:10 - 2022-04-13 09:11 - 000000000 ____D C:\Users\U50457\Downloads\RocknRolla Soundtrack (2008)
2022-04-13 09:10 - 2022-04-13 09:10 - 000000000 ____D C:\Users\U50457\AppData\Roaming\WinRAR
2022-04-13 06:05 - 2022-04-13 06:05 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-13 05:57 - 2022-04-13 06:11 - 000002024 _____ C:\Users\U50457\Desktop\CrystalDiskInfo.lnk
2022-04-13 05:57 - 2022-04-13 05:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-04-13 05:57 - 2022-04-13 05:57 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-04-13 05:52 - 2022-04-13 06:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-12 12:56 - 2022-04-12 12:56 - 000467224 _____ (Broadcom) C:\WINDOWS\system32\SymVPN.dll
2022-04-12 12:56 - 2022-04-12 12:56 - 000453400 _____ (Broadcom) C:\WINDOWS\system32\FwsVpn.dll
2022-04-12 12:56 - 2022-04-12 12:56 - 000373528 _____ (Broadcom) C:\WINDOWS\SysWOW64\SymVPN.dll
2022-04-12 12:56 - 2022-04-12 12:56 - 000364824 _____ (Broadcom) C:\WINDOWS\SysWOW64\FwsVpn.dll
2022-04-12 12:56 - 2022-04-12 12:56 - 000093120 _____ (Broadcom) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2022-04-12 12:56 - 2022-04-12 12:56 - 000010235 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2022-04-12 12:56 - 2022-04-12 12:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\symefasi
2022-04-12 12:56 - 2022-04-12 12:56 - 000000000 ____D C:\ProgramData\SymEFASI
2022-04-12 12:56 - 2022-04-12 12:56 - 000000000 ____D C:\ProgramData\regid.1992-12.com.symantec
2022-04-12 12:56 - 2022-04-12 12:56 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared
2022-04-12 12:56 - 2022-04-12 12:55 - 000113104 ____R (Broadcom) C:\WINDOWS\system32\Drivers\Teefer.sys
2022-04-12 12:55 - 2022-04-12 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
2022-04-12 06:11 - 2022-04-12 06:11 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-08 05:49 - 2022-04-14 05:46 - 000000000 ____D C:\FRST
2022-04-07 05:44 - 2022-04-13 18:11 - 000000000 ____D C:\Program Files\CCleaner
2022-04-07 05:44 - 2022-04-07 05:44 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - U50457
2022-04-07 05:44 - 2022-04-07 05:44 - 000000872 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-04-07 05:44 - 2022-04-07 05:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-04-06 13:54 - 2022-04-11 05:53 - 000000000 ____D C:\Users\U50457\AppData\LocalLow\Temp
2022-04-06 09:40 - 2022-04-06 09:40 - 000001639 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Docházka.lnk
2022-04-06 09:40 - 2022-04-06 09:40 - 000001633 _____ C:\Users\Public\Desktop\Docházka.lnk
2022-04-06 08:06 - 2022-04-06 08:06 - 000000000 ____D C:\Users\U50457\AppData\Local\PeerDistRepub
2022-04-06 08:04 - 2022-04-06 09:27 - 001366562 _____ C:\WINDOWS\ZAM.krnl.trace
2022-04-06 08:03 - 2022-04-06 09:27 - 000000000 ____D C:\Users\U50457\AppData\Local\AMSDK
2022-04-06 08:01 - 2022-04-06 08:01 - 000000000 ____D C:\Program Files\Delfin
2022-04-06 07:24 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2022-04-05 08:50 - 2022-04-13 09:31 - 000000000 ____D C:\Program Files\RogueKiller
2022-04-05 06:20 - 2022-04-05 06:20 - 000000000 ____D C:\ProgramData\Sophos
2022-04-04 11:01 - 2022-04-04 11:01 - 000000000 ____D C:\Users\U50457\AppData\Local\Comms
2022-04-04 05:55 - 2022-04-04 05:55 - 000000000 ____D C:\Users\U50457\AppData\Local\CEF
2022-04-04 05:46 - 2022-04-04 05:46 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-04 05:46 - 2022-04-04 05:46 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-04 05:46 - 2022-04-04 05:46 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-04 05:46 - 2022-04-04 05:46 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-04 05:46 - 2022-04-04 05:46 - 000002036 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-04-04 05:46 - 2022-04-04 05:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-04 05:46 - 2022-04-04 05:46 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-04 05:40 - 2022-04-04 05:55 - 000000000 ____D C:\Users\U50457\AppData\Local\Adobe
2022-04-04 05:30 - 2022-04-04 05:30 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-04 05:30 - 2022-04-04 05:30 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-04 05:30 - 2022-04-04 05:30 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-04-01 10:20 - 2022-04-13 06:07 - 000001018 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-01 10:20 - 2022-04-13 06:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-01 10:20 - 2022-04-13 06:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-01 10:20 - 2022-04-01 10:20 - 000000000 ____D C:\Users\U50457\AppData\Local\Mozilla
2022-04-01 05:42 - 2022-04-01 05:43 - 000000000 ____D C:\AdwCleaner
2022-03-31 13:25 - 2022-04-13 05:54 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-31 12:32 - 2022-03-31 12:33 - 015473560 _____ C:\WINDOWS\system32\RsEyeContactCorrection_Assets.dll
2022-03-31 12:32 - 2022-03-31 12:32 - 017868712 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-03-31 12:32 - 2022-03-31 12:32 - 012131224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-03-31 12:27 - 2022-03-31 12:27 - 050126160 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2022-03-31 12:27 - 2022-03-31 12:27 - 006601312 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2022-03-31 12:26 - 2022-03-31 12:26 - 008903232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw06.sys
2022-03-31 12:26 - 2022-03-31 12:26 - 001529416 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter06.dll
2022-03-31 12:24 - 2022-03-31 12:24 - 009906728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2022-03-31 12:24 - 2022-03-31 12:24 - 000786488 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000815088 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000714184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000430536 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000345544 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo50-11.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000275912 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2022-03-31 12:22 - 2022-03-31 12:22 - 000058312 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000048112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys
2022-03-31 12:22 - 2022-03-31 12:22 - 000047088 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys
2022-03-31 10:06 - 2022-03-31 10:06 - 000000000 ____D C:\Users\U50457\AppData\Local\Tvsukernel
2022-03-31 10:04 - 2022-03-31 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2022-03-31 09:47 - 2022-02-22 01:45 - 000495912 _____ C:\WINDOWS\system32\libvpl.dll
2022-03-31 09:47 - 2022-02-22 01:45 - 000429656 _____ C:\WINDOWS\SysWOW64\libvpl.dll
2022-03-31 09:47 - 2022-02-22 01:44 - 000046488 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 001886912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001886912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001463904 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001463904 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-03-31 09:47 - 2022-02-22 01:43 - 001115672 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 001115672 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000969240 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000969240 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000508792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000459088 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000376160 _____ C:\WINDOWS\system32\ze_loader.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000371592 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000148304 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2022-03-31 09:47 - 2022-02-22 01:43 - 000049152 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2022-03-31 09:47 - 2022-02-22 01:42 - 000410560 _____ C:\WINDOWS\system32\ControlLib.dll
2022-03-31 09:47 - 2022-02-22 01:42 - 000294752 _____ C:\WINDOWS\system32\igfxCPL.cpl
2022-03-31 09:38 - 2022-03-31 09:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2022-03-31 09:37 - 2022-03-31 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software
2022-03-31 09:22 - 2022-03-31 09:22 - 000000000 ____D C:\FibocomLog
2022-03-31 08:56 - 2022-03-31 08:56 - 000000000 ____D C:\Users\U50457\AppData\Local\ElevatedDiagnostics
2022-03-30 05:52 - 2022-03-30 05:52 - 000000000 ____D C:\Users\U50457\AppData\Roaming\QtProject
2022-03-30 05:51 - 2022-03-30 05:52 - 000000000 ____D C:\Program Files (x86)\MiniToolPowerDataRecovery
2022-03-29 12:42 - 2022-03-29 12:42 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-03-29 12:30 - 2022-03-29 12:51 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-29 10:12 - 2022-03-29 10:12 - 000023160 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LHidEqd.sys
2022-03-28 13:40 - 2022-04-13 13:31 - 000000000 ____D C:\Users\U50457\AppData\Roaming\vlc
2022-03-28 13:40 - 2022-03-28 13:40 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2022-03-28 13:40 - 2022-03-28 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-03-28 09:45 - 2022-03-28 09:45 - 000000000 ____D C:\WINDOWS\Panther
2022-03-27 21:17 - 2022-03-27 21:17 - 000906216 _____ (Lenovo) C:\WINDOWS\system32\LPlatSvc.exe
2022-03-27 21:17 - 2022-03-27 21:17 - 000871912 _____ (Lenovo) C:\WINDOWS\system32\ibmpmsvc.exe
2022-03-27 21:17 - 2022-03-27 21:17 - 000050664 _____ (Lenovo) C:\WINDOWS\system32\Drivers\ibmpmdrv.sys
2022-03-27 21:17 - 2022-03-27 21:17 - 000038888 _____ (Lenovo) C:\WINDOWS\system32\Drivers\pmdrvs.sys
2022-03-25 13:52 - 2022-04-13 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2022-03-24 07:03 - 2022-03-24 07:03 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-03-24 07:03 - 2022-03-24 07:03 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-03-24 07:03 - 2022-03-24 07:03 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-03-24 07:03 - 2022-03-24 07:03 - 000011791 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-24 06:54 - 2022-03-24 06:54 - 000000000 ___HD C:\$WinREAgent
2022-03-22 06:57 - 2022-03-23 06:38 - 000000000 ____D C:\Users\U50457\AppData\Roaming\GlarySoft
2022-03-22 06:57 - 2022-03-22 06:57 - 000000000 ____D C:\ProgramData\Glarysoft

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-14 05:46 - 2022-01-18 12:32 - 000000000 ____D C:\Users\U50457\AppData\LocalLow\Mozilla
2022-04-14 05:37 - 2020-09-27 07:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-14 05:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-14 04:31 - 2017-09-29 23:15 - 000000680 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-04-14 04:12 - 2017-10-04 13:39 - 000000000 ____D C:\PCScan
2022-04-14 04:07 - 2017-09-29 07:50 - 000000000 ___HD C:\Program Files\PCService
2022-04-13 13:56 - 2022-02-09 06:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-13 09:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-13 09:08 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-13 06:11 - 2020-10-26 14:29 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-13 06:11 - 2019-12-07 16:43 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-13 06:11 - 2019-12-07 16:43 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-13 06:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-13 06:10 - 2020-10-26 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Symantec Endpoint Protection
2022-04-13 06:07 - 2017-09-29 07:50 - 000000000 __SHD C:\Users\U50457\IntelGraphicsProfiles
2022-04-13 06:05 - 2020-09-27 09:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-13 06:05 - 2020-07-20 15:38 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-13 06:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-13 06:05 - 2017-08-30 03:54 - 000000000 ___HD C:\Intel
2022-04-13 06:04 - 2020-10-26 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2022-04-13 06:04 - 2020-10-26 14:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-04-13 06:04 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-04-12 12:59 - 2017-09-29 08:33 - 000000000 ____D C:\ProgramData\Symantec
2022-04-12 12:56 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-12 12:56 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-04-12 12:54 - 2020-09-27 09:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-04-12 12:54 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-12 12:40 - 2019-10-03 13:34 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-04-12 12:35 - 2017-09-29 07:51 - 000000000 ___RD C:\Users\U50457\OneDrive
2022-04-12 12:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-04-12 12:33 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-04-12 06:11 - 2017-09-29 08:32 - 000000000 ____D C:\Users\U50457\AppData\Local\CrashDumps
2022-04-11 11:55 - 2021-02-22 07:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-11 05:43 - 2022-02-15 07:53 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-11 05:43 - 2022-02-15 07:53 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ab93be33686a
2022-04-07 06:16 - 2020-09-27 07:55 - 000453800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-07 06:14 - 2017-11-02 11:20 - 000000000 ____D C:\Users\U50457\AppData\Roaming\Apple Computer
2022-04-07 06:13 - 2017-10-02 07:17 - 000000000 ____D C:\ProgramData\Autodesk
2022-04-06 09:40 - 2017-09-29 07:58 - 000000000 ____D C:\Dochazka_Start
2022-04-06 09:04 - 2017-10-02 08:00 - 000000000 ____D C:\Users\U50457\Desktop\Uzávěrka
2022-04-06 06:12 - 2017-08-30 03:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-05 09:36 - 2018-05-02 06:09 - 000000000 ____D C:\Users\U50457\AppData\Local\Lenovo
2022-04-04 05:59 - 2017-10-18 12:25 - 000000000 ____D C:\Users\U50457\AppData\Local\Packages
2022-04-01 10:35 - 2018-05-02 10:23 - 000000000 ____D C:\Users\U50457\AppData\Local\D3DSCache
2022-04-01 10:22 - 2018-04-12 09:22 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-01 06:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-04-01 05:43 - 2020-07-20 14:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2022-04-01 05:43 - 2020-07-20 14:25 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2022-04-01 05:43 - 2020-07-20 14:25 - 000000000 ____D C:\WINDOWS\Lenovo
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\Users\U50457\AppData\Roaming\IObit
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\Users\U50457\AppData\LocalLow\IObit
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\ProgramData\IObit
2022-04-01 05:43 - 2018-05-16 05:51 - 000000000 ____D C:\Program Files (x86)\IObit
2022-04-01 05:43 - 2017-08-30 04:26 - 000000000 ____D C:\ProgramData\Lenovo
2022-04-01 05:43 - 2017-08-30 03:37 - 000000000 ____D C:\Program Files (x86)\Lenovo
2022-04-01 05:43 - 2017-08-30 03:36 - 000000000 ____D C:\Program Files\Lenovo
2022-03-31 13:13 - 2017-09-29 08:32 - 000000000 ____D C:\Users\U50457\AppData\Local\MicrosoftEdge
2022-03-31 12:22 - 2017-08-30 04:00 - 000048112 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2022-03-31 10:06 - 2020-03-24 06:42 - 000000000 ____D C:\WINDOWS\TempInst
2022-03-31 09:54 - 2022-01-19 14:13 - 000004374 _____ C:\WINDOWS\storelibdebug.txt
2022-03-31 09:47 - 2017-09-29 07:50 - 000000000 ____D C:\Users\U50457\AppData\Roaming\Intel
2022-03-31 09:38 - 2018-08-31 11:06 - 000004144 _____ C:\WINDOWS\system32\tbt_log.txt
2022-03-31 09:37 - 2017-08-30 03:36 - 000000000 ____D C:\Program Files (x86)\Intel
2022-03-31 09:32 - 2017-10-02 08:01 - 000014223 _____ C:\Users\U50457\Desktop\Kniha jízd.xlsx
2022-03-31 09:14 - 2017-09-29 07:50 - 000000000 ____D C:\Users\U50457\AppData\Local\VirtualStore
2022-03-30 10:24 - 2018-05-02 08:19 - 000000000 ____D C:\Users\U50457\AppData\Local\PlaceholderTileLogoFolder
2022-03-29 10:16 - 2017-08-30 03:37 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-29 10:13 - 2022-02-16 14:11 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2022-03-29 10:06 - 2020-10-26 14:24 - 000000000 ____D C:\Users\U50457
2022-03-28 13:17 - 2018-07-03 17:27 - 000000000 ____D C:\ProgramData\VEGAS
2022-03-25 07:10 - 2018-05-02 06:09 - 000000000 ____D C:\Users\OEM\AppData\Local\Lenovo
2022-03-24 07:10 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-24 07:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-24 07:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-23 21:13 - 2021-06-11 12:35 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2021-06-11 12:35 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 06:34 - 2019-08-12 11:41 - 000000741 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

==================== Files in the root of some directories ========

2018-05-03 12:59 - 2020-01-07 12:45 - 000004608 _____ () C:\Users\U50457\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-04-07 06:28 - 2022-04-07 06:28 - 000000000 _____ () C:\Users\U50457\AppData\Local\oobelibMkey.log
2022-02-17 07:45 - 2022-02-17 07:45 - 000007625 _____ () C:\Users\U50457\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

