
Please check my log

lu_cka
Visitor
Posts: 6
Registered: 01 Jul 2023 05:33

Please check my log

#1 Post by lu_cka »

Good day, yesterday I downloaded a strange attachment and opened it. The whole email looked like spam, but since it was work-related, I thought it would be OK. After opening it I immediately closed the file, deleted it, and had the computer scanned with AVAST and ESET, and it seems that everything is fine.
Can you please confirm this for me? Thank you

Rudy
Site Admin
Posts: 118301
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Once there is a log here (FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 ), I'll give it a try. :)
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

lu_cka
Visitor
Posts: 6
Registered: 01 Jul 2023 05:33

Re: Please check my log

#3 Post by lu_cka »

Here you go :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2023
Ran by lucia (administrator) on LUCIA (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X421DAP_M413DA) (01-07-2023 10:47:13)
Running from C:\Users\lucia\Desktop\FRST64.exe
Loaded Profiles: lucia
Platform: Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOSD.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Users\lucia\AppData\Local\Programs\Loom\Loom.exe ->) (Loom, Inc. -> ) C:\Users\lucia\AppData\Local\Programs\Loom\resources\binaries\loom-recorder-production.exe
(C:\Users\lucia\AppData\Local\Programs\Loom\resources\binaries\loom-recorder-production.exe ->) (Loom, Inc. -> ) C:\Users\lucia\AppData\Local\Programs\Loom\resources\binaries\loom_crashpad_handler.exe
(DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusSoftwareManager.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe
(DriverStore\FileRepository\u0361313.inf_amd64_07132764fbaf152d\B361334\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361313.inf_amd64_07132764fbaf152d\B361334\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(explorer.exe ->) (Grammarly, Inc. -> Grammarly) C:\Users\lucia\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(explorer.exe ->) (Loom, Inc. -> Loom, Inc.) C:\Users\lucia\AppData\Local\Programs\Loom\Loom.exe <8>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21490.0_x64__8wekyb3d8bbwe\HxTsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361313.inf_amd64_07132764fbaf152d\B361334\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_22112224b463137a\ICEsoundService64.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe <3>
(services.exe ->) (WireGuard LLC -> WireGuard LLC) C:\Program Files\WireGuard\wireguard.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Run: [MicrosoftEdgeAutoLaunch_82F40BDFA38231739BBB93993EB5CBC1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Run: [electron.app.Loom] => C:\Users\lucia\AppData\Local\Programs\Loom\Loom.exe [149088248 2023-06-23] (Loom, Inc. -> Loom, Inc.)
HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Run: [Grammarly] => C:\Users\lucia\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [772696 2023-06-23] (Grammarly, Inc. -> Grammarly)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-29] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E99D18-5F60-43E8-87C4-E66D71351338} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04E205F7-13CE-4486-9073-43796907D71A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157632 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {2743CAE7-8CE7-4369-8185-C6931955DC1D} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5029784 2023-06-30] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {3049A96E-C870-4874-BD17-B3990601677A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4940696 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
Task: {3FAAC9E5-4735-4C57-9DFC-FAE2BB759AD6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-06-30] (Avast Software s.r.o. -> Avast Software)
Task: {50E7B341-C2F7-4670-AF5F-9B8BE1E2FEA6} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe [1270344 2021-07-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {53F22CEB-AF96-4301-B654-2EBC13207120} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3860560 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {545B897E-EB2C-40F0-8D07-2397F8DC8528} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-04-26] (Avast Software s.r.o. -> Avast Software)
Task: {59FE65A1-811F-4F09-8A0A-AF209574BD75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F1432F9-9538-4360-AA01-C77488610A25} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [5029784 2023-06-30] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {6AC33857-55E8-4D15-996A-D76FEC99C37B} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7092120 2023-05-03] (Avast Software s.r.o. -> Avast Software)
Task: {7602BD0C-4F7B-4EE6-9C31-75284FF0251B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557352 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {912FD219-768D-4497-9C7D-F4E6CA1F363A} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\lucia\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-06-30] (ESET, spol. s r.o. -> ESET)
Task: {99EBFC19-1BF9-474B-A738-738ADE31CD08} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\lucia\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-06-30] (ESET, spol. s r.o. -> ESET)
Task: {9A424E82-D982-49C6-A07C-C23D4BAAB576} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusHotkey.exe [291456 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {9E9F2486-7C88-44E6-94D9-3FBF0885DDA6} - System32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {A007A11F-5349-4E8D-A1DF-FAA26343507C} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7092120 2023-05-03] (Avast Software s.r.o. -> Avast Software)
Task: {B2235A72-B181-4BB3-9797-B8540491BCC4} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170456 2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7E10574-F4D8-43CF-A065-783759E660BF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157632 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {C08D4809-A5D8-46A8-8C4E-134832F4FA60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C29E636A-7D7C-463B-862A-27E87FB448BF} - System32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {C63BDC5E-B569-483A-9126-DD397AF1152E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557352 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7E9E848-9BE0-4177-9315-819AD7E4FC9B} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1243544 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CDA52172-B9FE-4DF3-A2C6-79363D229C33} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusUpdateChecker.exe [797776 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {D57C6913-CCB2-49A4-811F-828AB239C090} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DBB4DF2B-CBBE-4508-88D1-0F4AA334C422} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {F8E11F10-5116-4559-95EE-56CA40F3BC19} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5030808 2023-06-30] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-4155723121-2667523574-2248086810-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.39.90.52 212.39.90.53
Tcpip\..\Interfaces\{11d982cf-3b1d-4325-89b9-467271ba4051}: [DhcpNameServer] 40.53.1.13
Tcpip\..\Interfaces\{82fef607-70e1-40cd-a039-ffa926efd890}: [DhcpNameServer] 212.39.90.52 212.39.90.53

Edge:
=======
Edge Profile: C:\Users\lucia\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-01]
Edge Extension: (Edge relevant text changes) - C:\Users\lucia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-28]

FireFox:
========
FF DefaultProfile: h551u57f.default
FF ProfilePath: C:\Users\lucia\AppData\Roaming\Mozilla\Firefox\Profiles\h551u57f.default [2023-05-28]
FF ProfilePath: C:\Users\lucia\AppData\Roaming\Mozilla\Firefox\Profiles\mm1th8t8.default-release [2023-05-28]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\lucia\AppData\Roaming\Mozilla\Firefox\Profiles\mm1th8t8.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2023-05-28]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default [2023-07-01]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-28]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-01]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-06-06]
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (McAfee® WebAdvisor) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-05-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-28]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-06-30]
CHR Notifications: Profile 2 -> hxxps://app.slack.com; hxxps://emaillistver.user.com; hxxps://warmupinbox.user.com
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-28]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\AsusAppService\AsusAppService.exe [1174608 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe [1637456 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemote.exe [783952 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimization.exe [468600 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusSoftwareManager.exe [1125456 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitch.exe [641104 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3860560 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [826960 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8892824 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [578968 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2091928 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [579992 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [17477528 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774352 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9007000 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [896248 2023-06-29] (McAfee, LLC -> McAfee, LLC)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [10043288 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WireGuardManager; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [135296 2020-05-12] (Alcorlink Corp. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSAIO.sys [46720 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31368 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237424 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392832 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39600 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272016 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556576 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [943456 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [704264 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319512 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76664 2023-06-30] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusWmiAcpi.sys [48760 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-06-08] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-01 10:47 - 2023-07-01 10:47 - 000030296 _____ C:\Users\lucia\Desktop\FRST.txt
2023-07-01 10:47 - 2023-07-01 10:47 - 000000000 ____D C:\FRST
2023-07-01 10:45 - 2023-07-01 10:45 - 002383360 _____ (Farbar) C:\Users\lucia\Desktop\FRST64.exe
2023-06-30 21:54 - 2023-06-30 21:54 - 000003838 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-06-30 21:54 - 2023-06-30 21:54 - 000003396 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-06-30 20:45 - 2023-06-30 20:45 - 015274968 _____ (ESET) C:\Users\lucia\Downloads\esetonlinescanner.exe
2023-06-30 20:45 - 2023-06-30 20:45 - 000001384 _____ C:\Users\lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-06-30 20:45 - 2023-06-30 20:45 - 000000000 ____D C:\Users\lucia\AppData\Local\ESET
2023-06-30 20:38 - 2023-06-30 20:38 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\MMC
2023-06-30 18:03 - 2023-06-30 18:03 - 000002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2023-06-30 18:03 - 2023-06-30 18:03 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Avast Software
2023-06-30 18:03 - 2023-06-30 18:03 - 000000000 ____D C:\Users\lucia\AppData\Local\CEF
2023-06-30 18:03 - 2023-06-30 18:03 - 000000000 ____D C:\Users\lucia\AppData\Local\Avast Software
2023-06-30 18:02 - 2023-06-30 18:02 - 000076664 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2023-06-30 18:02 - 2023-06-30 18:02 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-06-30 18:02 - 2023-06-30 18:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-06-30 18:01 - 2023-06-30 18:01 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-06-30 18:01 - 2023-06-30 18:01 - 000040344 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2023-06-30 18:01 - 2023-06-30 18:01 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-06-30 18:01 - 2023-06-30 18:01 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-06-30 18:00 - 2023-06-30 18:02 - 000000000 ____D C:\ProgramData\Avast Software
2023-06-30 18:00 - 2023-06-30 18:02 - 000000000 ____D C:\Program Files\Avast Software
2023-06-30 18:00 - 2023-06-30 18:00 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-06-30 18:00 - 2023-06-30 18:00 - 000263576 _____ (AVAST Software) C:\Users\lucia\Downloads\avast_one_free_antivirus.exe
2023-06-30 17:56 - 2023-06-30 17:55 - 001376256 _____ C:\ProgramData\31706289927101938157231548
2023-06-30 17:56 - 2023-06-30 16:37 - 000090112 _____ C:\ProgramData\28292933857092614241452008
2023-06-30 17:56 - 2023-06-06 09:25 - 000069632 _____ C:\ProgramData\03646492469937064696855655
2023-06-30 17:56 - 2023-05-28 08:16 - 000020480 _____ C:\ProgramData\68001654331923453899876031
2023-06-30 17:55 - 2023-06-30 14:04 - 001441792 _____ C:\ProgramData\10042146080825291746101937
2023-06-30 14:05 - 2023-06-30 14:20 - 000000000 ____D C:\Users\lucia\Desktop\blog
2023-06-29 07:33 - 2023-06-29 07:33 - 000000000 ____D C:\Users\lucia\Desktop\Sherlock Holmes
2023-06-29 07:30 - 2023-06-29 07:31 - 000000000 ____D C:\Users\lucia\Desktop\The Vampire Diaries
2023-06-25 12:57 - 2023-06-25 12:57 - 000004655 _____ C:\Users\lucia\Desktop\taliansko.odt
2023-06-14 11:42 - 2023-06-14 11:42 - 000000000 ___HD C:\$WinREAgent
2023-06-08 19:14 - 2023-06-08 19:14 - 000001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WireGuard.lnk
2023-06-08 19:14 - 2023-06-08 19:14 - 000000000 ____D C:\Program Files\WireGuard
2023-06-08 19:13 - 2023-06-08 19:14 - 000087360 _____ (WireGuard LLC) C:\Users\lucia\Desktop\wireguard-installer.exe
2023-06-03 10:59 - 2023-06-03 10:59 - 000000000 ____D C:\Users\lucia\Documents\Vlastné šablóny balíka Office
2023-06-01 21:48 - 2023-06-27 20:48 - 000001429 _____ C:\Users\lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2023-06-01 21:48 - 2023-06-01 21:48 - 016542528 _____ () C:\Users\lucia\Downloads\GrammarlyInstaller.cHxAP90dbibx8243faci06g2.exe
2023-06-01 21:48 - 2023-06-01 21:48 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Grammarly
2023-06-01 21:48 - 2023-06-01 21:48 - 000000000 ____D C:\Users\lucia\AppData\Local\Grammarly

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-01 10:45 - 2023-05-29 18:30 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-07-01 10:44 - 2023-05-28 22:41 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Loom
2023-07-01 10:44 - 2023-05-28 08:14 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-01 10:44 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-01 10:43 - 2023-05-29 18:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-01 10:43 - 2022-05-07 08:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-30 20:48 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-30 20:40 - 2022-05-07 08:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-06-30 18:12 - 2022-05-07 08:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-30 18:04 - 2023-05-30 14:46 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-30 18:04 - 2022-05-07 08:22 - 000000000 ____D C:\WINDOWS\INF
2023-06-30 18:01 - 2022-05-07 08:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-06-30 17:57 - 2023-05-29 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-30 17:57 - 2022-07-08 02:20 - 000012288 ___SH C:\DumpStack.log.tmp
2023-06-30 17:57 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-30 17:57 - 2022-05-07 08:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-06-30 17:55 - 2022-08-02 08:04 - 000000000 ____D C:\Users\lucia\AppData\Local\D3DSCache
2023-06-30 16:18 - 2023-05-28 22:28 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\Word
2023-06-30 11:12 - 2023-05-29 14:16 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\Excel
2023-06-29 07:29 - 2023-05-28 08:15 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-29 07:29 - 2023-05-28 08:15 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-28 19:48 - 2023-05-29 18:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4155723121-2667523574-2248086810-1001
2023-06-28 19:48 - 2023-05-29 18:30 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4155723121-2667523574-2248086810-1001
2023-06-28 19:48 - 2022-08-02 08:06 - 000002373 _____ C:\Users\lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-28 16:23 - 2023-05-28 22:32 - 000000000 ____D C:\Users\lucia\Desktop\lensbatohom.sk blogy
2023-06-28 13:44 - 2023-05-28 22:17 - 000000000 ____D C:\Users\lucia\Desktop\road trip NP október 2021
2023-06-28 13:29 - 2023-05-28 22:12 - 000000000 ____D C:\Users\lucia\Desktop\CA road trip 20.12.-27.12.2019
2023-06-24 18:48 - 2022-07-08 02:20 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-24 07:36 - 2020-11-21 04:23 - 000000000 ____D C:\Program Files\Microsoft Office
2023-06-23 16:02 - 2023-05-28 22:24 - 000009453 _____ C:\Users\lucia\Desktop\puss.odt
2023-06-23 07:36 - 2023-05-28 22:23 - 000000000 ____D C:\Users\lucia\Desktop\profilovky
2023-06-22 11:32 - 2022-08-02 08:04 - 000000000 ____D C:\Users\lucia\AppData\Local\Packages
2023-06-18 23:15 - 2023-05-31 09:32 - 000000000 ____D C:\Users\lucia\AppData\Roaming\vlc
2023-06-17 09:00 - 2023-05-29 18:30 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2023-06-17 09:00 - 2023-05-29 18:30 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-06-16 07:33 - 2023-05-29 18:30 - 000003828 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9}
2023-06-16 07:33 - 2023-05-29 18:30 - 000003704 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60}
2023-06-14 18:15 - 2023-05-29 18:26 - 000468032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\WUModels
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\UUS
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\Globalization
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-14 18:14 - 2022-05-07 08:17 - 000000000 ____D C:\WINDOWS\servicing
2023-06-14 15:34 - 2022-08-02 00:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-14 15:32 - 2022-08-02 00:44 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-14 11:50 - 2022-05-07 08:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 11:47 - 2023-05-29 18:30 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-13 21:55 - 2022-07-08 02:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-13 09:51 - 2023-05-29 18:30 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-13 09:51 - 2023-05-29 18:30 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-11 16:16 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-06-09 22:38 - 2023-05-29 10:08 - 000000000 ___DC C:\WINDOWS\Panther
2023-06-03 11:05 - 2023-05-28 21:59 - 000000000 ____D C:\Users\lucia\Desktop\clanky stare plus fotky na blog
2023-06-01 22:03 - 2023-05-28 22:28 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\Office
2023-06-01 21:55 - 2023-05-28 22:28 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\UProof

==================== Files in the root of some directories ========

2022-09-05 10:49 - 2022-09-05 10:49 - 000685392 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2022-09-05 10:49 - 2022-09-05 10:49 - 000608080 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2022-09-05 10:49 - 2022-09-05 10:49 - 000450024 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2022-09-05 10:49 - 2022-09-05 10:49 - 002046288 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2022-09-05 10:49 - 2022-09-05 10:49 - 000257872 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2022-09-05 10:49 - 2022-09-05 10:49 - 000080880 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2023-05-29 14:09 - 2023-05-29 14:09 - 000000003 _____ () C:\Users\lucia\AppData\Local\updater.log
2023-05-29 14:09 - 2023-05-29 17:18 - 000000424 _____ () C:\Users\lucia\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by lucia (01-07-2023 10:48:14)
Running from C:\Users\lucia\Desktop
Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) (2023-05-30 11:38:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4155723121-2667523574-2248086810-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4155723121-2667523574-2248086810-503 - Limited - Disabled)
Guest (S-1-5-21-4155723121-2667523574-2248086810-501 - Limited - Disabled)
lucia (S-1-5-21-4155723121-2667523574-2248086810-1001 - Administrator - Enabled) => C:\Users\lucia
WDAGUtilityAccount (S-1-5-21-4155723121-2667523574-2248086810-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast One (HKLM\...\Avast Antivirus) (Version: 23.6.6070 - Avast Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
Grammarly for Windows (HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Grammarly Desktop Integrations) (Version: 1.0.35.662 - Grammarly)
LibreOffice 7.5.3.2 (HKLM\...\{063CC195-EEF8-4601-89C6-CB18230BD5E6}) (Version: 7.5.3.2 - The Document Foundation)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Loom 0.165.0 (HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\3643b966-bc28-5bc8-95ff-3d47d66438db) (Version: 0.165.0 - Loom, Inc.)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.16501.20228 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\OneDriveSetup.exe) (Version: 23.122.0611.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.820 - McAfee, LLC)
WireGuard (HKLM\...\{2FDB79CE-5193-4A39-82BB-E00158CC1533}) (Version: 0.5.3 - WireGuard LLC)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-08-02] (Advanced Micro Devices Inc.) [Startup Task]
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.31.0_x64__dxp88312j1fgj [2023-06-29] (ICEpower)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-08-02] (McAfee LLC.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2305.14003.0_x64__8wekyb3d8bbwe [2023-06-08] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-06-18] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corporation) [Startup Task]
ms-resource:AppDisplayName -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy [2023-06-14] (ASUSTeK COMPUTER INC.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.253.0_x64__dt26b99r8h8gj [2022-08-02] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-05-28] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-07-01 10:44 - 2023-07-01 10:44 - 000666624 _____ () [File not signed] \\?\C:\Users\lucia\AppData\Local\Temp\b79232a0-1082-4a53-8463-346f75e8c615.tmp.node
2023-07-01 10:44 - 2023-07-01 10:44 - 001004032 _____ () [File not signed] \\?\C:\Users\lucia\AppData\Local\Temp\ca67cf58-14ce-4e6f-84ce-3bd6beb7291b.tmp.node
2023-06-29 10:52 - 2023-06-23 21:04 - 002789376 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\ffmpeg.dll
2023-06-29 10:52 - 2023-06-23 21:04 - 000471040 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\libegl.dll
2023-06-29 10:52 - 2023-06-23 21:04 - 007179264 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\libglesv2.dll
2023-06-22 07:41 - 2023-06-23 21:04 - 004759552 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\vk_swiftshader.dll
2020-11-21 04:23 - 2020-11-21 04:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-11-21 04:23 - 2020-11-21 04:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-08-02] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-08-02] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 12:14 - 2019-12-07 12:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\asus\wallpapers\asus.jpg
DNS Servers: 212.39.90.52 - 212.39.90.53
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BED62A86-2857-4F3F-9607-AEEAD70720A4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.410.2053.8773_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BD91FF0-ECC6-49C2-81E0-5F7861BA57E1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.410.2053.8773_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D6A64BB-2E4A-4AE9-AEC0-172114DF365A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{0012EC4E-3F09-4382-A03C-E3808FC5EE8D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6653472E-416B-4046-82E7-54A81F03B2DC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F61FE7F6-FE4A-4B97-85A2-57CC249191F3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F520301-0F80-47CC-98BD-B0687B4525DE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{5CDFE7B3-6245-4ED3-83E0-317EC5695318}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{2185BC64-A3B4-445B-B1F8-F69C1195E6C0}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{3B4F6D07-2D60-4268-AD46-8054E3D3B649}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{56438292-D03C-4B38-BB4B-3C77955735F5}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{B4B94DC3-755A-450D-9025-7CFB63367FBE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE0E5778-31D2-4E42-8758-B6321A0CE30B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D724C95C-E5E4-4910-95FF-01A3A8452804}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CE1E467-2B56-4145-B389-7E6FFF092CDD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87B22CD1-ED72-423B-A7E7-47B1852D5701}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E6639F38-D08D-4EDD-8962-7A743C8FF6FC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{29BB550C-75F5-47BD-B26F-8323E15214C8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{6D888062-6FA2-4596-9715-A9307F17940E}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{BC070F25-FD16-4D22-94C8-350AD1093063}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{8AFA46B8-A0D4-4328-BE45-652B661184C8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{C7944A16-12F0-4FC5-85DC-05B96F97B73A}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{CFC1A519-EECB-4F76-BA67-EF58BE8E6E21}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AF9E4E79-CC1C-481F-8ACC-E065F031542E}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

23-06-2023 10:27:57 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/30/2023 08:41:04 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program SecHealthUI.exe version 10.0.25305.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (06/30/2023 05:57:34 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LUCIA$ via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 30 Jun 2023 14:57:35 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 75adff05-3190-478f-b694-f51270b9efb9

Method: GET(250ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/30/2023 05:57:34 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 30 Jun 2023 14:57:34 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d0846ee3-da05-46da-885e-754f0040f6cb

Method: GET(1281ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/30/2023 05:57:23 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybujúcej aplikácie: AsusLinkNear.exe, verzia: 2.1.19.0, časová značka: 0x64658450
Názov chybujúceho modulu: AsusLinkNear.exe, verzia: 2.1.19.0, časová značka: 0x64658450
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000097c2c
Identifikácia chybujúceho procesu: 0x0x1150
Čas spustenia chybujúcej aplikácie: 0x0x1d9ab632a777402
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe
Identifikácia hlásenia: de99091a-f073-44fe-bf20-2c5e3fe3f103
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/28/2023 08:18:19 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LUCIA$ via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 28 Jun 2023 05:18:21 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f6e83fe4-cc05-4636-a467-bb82606ce6e6

Method: GET(312ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/28/2023 08:18:18 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 28 Jun 2023 05:18:19 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: c2be3c96-7fbf-4fbd-8094-631bf04209dc

Method: GET(469ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/17/2023 09:00:33 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybujúcej aplikácie: RtkAudUService64.exe, verzia: 1.0.392.1, časová značka: 0x60e2c483
Názov chybujúceho modulu: combase.dll, verzia: 10.0.22621.1485, časová značka: 0xa8be94cc
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000ca56b
Identifikácia chybujúceho procesu: 0x0xc9c
Čas spustenia chybujúcej aplikácie: 0x0x1d99eeaeb4bcd57
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\combase.dll
Identifikácia hlásenia: 14fd29ed-da7c-499c-910c-2824068236c3
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/17/2023 09:00:32 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybujúcej aplikácie: RtkAudUService64.exe, verzia: 1.0.392.1, časová značka: 0x60e2c483
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x000001ae77e45700
Identifikácia chybujúceho procesu: 0x0xc9c
Čas spustenia chybujúcej aplikácie: 0x0x1d99eeaeb4bcd57
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: fe9bb8fe-dcbe-4a98-bbd1-8e8f8e87d08a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (07/01/2023 07:26:40 AM) (Source: DCOM) (EventID: 10010) (User: LUCIA)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (06/30/2023 10:03:38 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 2a01:5a8:30d:61c6:84a7:2a8c:b654:8538 with the system
having network hardware address 00-00-00-00-00-00. Network operations on this system may
be disrupted as a result.

Error: (06/30/2023 08:49:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby eapihdrv zlyhalo kvôli nasledujúcej chybe:
This driver has been blocked from loading

Error: (06/30/2023 08:49:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lucia\AppData\Local\Temp\ehdrv.sys

Error: (06/30/2023 08:49:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby eapihdrv zlyhalo kvôli nasledujúcej chybe:
This driver has been blocked from loading

Error: (06/30/2023 08:49:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lucia\AppData\Local\Temp\ehdrv.sys

Error: (06/30/2023 08:49:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby eapihdrv zlyhalo kvôli nasledujúcej chybe:
This driver has been blocked from loading

Error: (06/30/2023 08:49:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lucia\AppData\Local\Temp\ehdrv.sys


Windows Defender:
================
Date: 2023-06-30 11:36:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-29 11:07:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-27 10:32:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-26 10:13:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-25 09:50:12
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2023-07-01 10:43:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-07-01 08:35:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X421DAP.301 04/10/2020
Motherboard: ASUSTeK COMPUTER INC. X421DAP
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 86%
Total physical RAM: 6094.18 MB
Available physical RAM: 843.56 MB
Total Virtual: 11470.18 MB
Available Virtual: 4775.52 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.5 GB) (Free:299.23 GB) (Model: INTEL SSDPEKNW512G8) NTFS

\\?\Volume{444030d8-04fe-4289-bdae-aa6e3cd5e004}\ (RECOVERY) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{57c6fbd4-42c2-4e36-838c-b7e4b1657372}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.14 GB) FAT32
\\?\Volume{7f471e87-932e-4f1f-b671-339820b5f247}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 166037A6)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118301
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

lu_cka
Visitor
Posts: 6
Registered: 01 Jul 2023 05:33

Re: Please check my log

#5 Post by lu_cka »

Malwarebytes
www.malwarebytes.com

-Podrobnosti denníka-
Dátum skenovania: 1. 7. 2023
Čas skenovania: 14:42
Súbor denníka: 65c08c1e-1804-11ee-abd0-80d21ddb4476.json

-Údaje o softvéri-
Verzia: 4.5.32.271
Verzia súčastí: 1.0.2051
Aktualizovať verziu balíka: 1.0.71799
Licencia: Skúšobná verzia

-Systémové informácie-
OS: Windows 11 (Build 22621.1848)
Procesor: x64
Systém súborov: NTFS
Používateľ: Lucia\lucia

-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 245599
Zistené hrozby: 6
Hrozby umiestnené do karantény: 0
Uplynulý čas: 4 min, 7 s

-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť

-Podrobnosti skenovania-
Proces: 0
(Nezistili sa nijaké škodlivé položky)

Modul: 0
(Nezistili sa nijaké škodlivé položky)

Kľúč databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)

Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)

Priečinok: 0
(Nezistili sa nijaké škodlivé položky)

Súbor: 6
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\VCRUNTIME140.DLL, Bez zásahu používateľa, 9826, 820419, 1.0.71799, , ame, , A37EE36B536409056A86F50E67777DD7, 8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\SOFTOKN3.DLL, Bez zásahu používateľa, 9826, 820420, 1.0.71799, , ame, , 4E52D739C324DB8225BD9AB2695F262F, 74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\NSS3.DLL, Bez zásahu používateľa, 9826, 820421, 1.0.71799, , ame, , 1CC453CDF74F31E4D913FF9C10ACDDE2, AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\FREEBL3.DLL, Bez zásahu používateľa, 9826, 820418, 1.0.71799, , ame, , 550686C0EE48C386DFCB40199BD076AC, EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\MOZGLUE.DLL, Bez zásahu používateľa, 9826, 820422, 1.0.71799, , ame, , C8FD9BE83BC728CC04BEFFAFC2907FE9, BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
RiskWare.MisusedLegit.E, C:\PROGRAMDATA\MSVCP140.DLL, Bez zásahu používateľa, 9826, 820423, 1.0.71799, , ame, , 5FF1FCA37C466D6723EC67BE93B51442, 5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062

Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)

WMI: 0
(Nezistili sa nijaké škodlivé položky)


(end)

Rudy
Site Admin
Posts: 118301
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

Delete the detected items (move them to quarantine), restart, and post new FRST + Addition logs.

lu_cka
Visitor
Posts: 6
Registered: 01 Jul 2023 05:33

Re: Please check my log

#7 Post by lu_cka »

Thank you, here you go:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2023
Ran by lucia (administrator) on LUCIA (ASUSTeK COMPUTER INC. VivoBook_ASUSLaptop X421DAP_M413DA) (01-07-2023 16:16:25)
Running from C:\Users\lucia\Desktop\FRST64.exe
Loaded Profiles: lucia
Platform: Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOSD.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Users\lucia\AppData\Local\Programs\Loom\Loom.exe ->) (Loom, Inc. -> ) C:\Users\lucia\AppData\Local\Programs\Loom\resources\binaries\loom-recorder-production.exe
(C:\Users\lucia\AppData\Local\Programs\Loom\resources\binaries\loom-recorder-production.exe ->) (Loom, Inc. -> ) C:\Users\lucia\AppData\Local\Programs\Loom\resources\binaries\loom_crashpad_handler.exe
(DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimization.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimizationStartupTask.exe
(DriverStore\FileRepository\u0361313.inf_amd64_07132764fbaf152d\B361334\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361313.inf_amd64_07132764fbaf152d\B361334\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <19>
(explorer.exe ->) (Grammarly, Inc. -> Grammarly) C:\Users\lucia\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe
(explorer.exe ->) (Loom, Inc. -> Loom, Inc.) C:\Users\lucia\AppData\Local\Programs\Loom\Loom.exe <8>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.7\Lightshot.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361313.inf_amd64_07132764fbaf152d\B361334\atiesrxx.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemote.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\AsusAppService\AsusAppService.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimization.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusSoftwareManager.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitch.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSystemAnalysis.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_22112224b463137a\ICEsoundService64.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe <3>
(services.exe ->) (WireGuard LLC -> WireGuard LLC) C:\Program Files\WireGuard\wireguard.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-22] (Kilonova LLC -> )
HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Run: [MicrosoftEdgeAutoLaunch_82F40BDFA38231739BBB93993EB5CBC1] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Run: [electron.app.Loom] => C:\Users\lucia\AppData\Local\Programs\Loom\Loom.exe [149088248 2023-06-23] (Loom, Inc. -> Loom, Inc.)
HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Run: [Grammarly] => C:\Users\lucia\AppData\Local\Grammarly\DesktopIntegrations\Grammarly.Desktop.exe [772696 2023-06-23] (Grammarly, Inc. -> Grammarly)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-29] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02E99D18-5F60-43E8-87C4-E66D71351338} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04E205F7-13CE-4486-9073-43796907D71A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157632 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {2743CAE7-8CE7-4369-8185-C6931955DC1D} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [5029784 2023-06-30] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {3049A96E-C870-4874-BD17-B3990601677A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4940696 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
Task: {3FAAC9E5-4735-4C57-9DFC-FAE2BB759AD6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-06-30] (Avast Software s.r.o. -> Avast Software)
Task: {50E7B341-C2F7-4670-AF5F-9B8BE1E2FEA6} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe [1270344 2021-07-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {53F22CEB-AF96-4301-B654-2EBC13207120} - System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3860560 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {545B897E-EB2C-40F0-8D07-2397F8DC8528} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-04-26] (Avast Software s.r.o. -> Avast Software)
Task: {59FE65A1-811F-4F09-8A0A-AF209574BD75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F1432F9-9538-4360-AA01-C77488610A25} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [5029784 2023-06-30] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {6AC33857-55E8-4D15-996A-D76FEC99C37B} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7092120 2023-05-03] (Avast Software s.r.o. -> Avast Software)
Task: {7602BD0C-4F7B-4EE6-9C31-75284FF0251B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557352 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {912FD219-768D-4497-9C7D-F4E6CA1F363A} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\lucia\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-06-30] (ESET, spol. s r.o. -> ESET)
Task: {99EBFC19-1BF9-474B-A738-738ADE31CD08} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\lucia\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-06-30] (ESET, spol. s r.o. -> ESET)
Task: {9A424E82-D982-49C6-A07C-C23D4BAAB576} - System32\Tasks\ASUS Optimization 36D18D69AFC3 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusHotkey.exe [291456 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {9E9F2486-7C88-44E6-94D9-3FBF0885DDA6} - System32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {A007A11F-5349-4E8D-A1DF-FAA26343507C} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7092120 2023-05-03] (Avast Software s.r.o. -> Avast Software)
Task: {B2235A72-B181-4BB3-9797-B8540491BCC4} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170456 2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7E10574-F4D8-43CF-A065-783759E660BF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157632 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {C08D4809-A5D8-46A8-8C4E-134832F4FA60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C29E636A-7D7C-463B-862A-27E87FB448BF} - System32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {C63BDC5E-B569-483A-9126-DD397AF1152E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557352 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7E9E848-9BE0-4177-9315-819AD7E4FC9B} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1243544 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CDA52172-B9FE-4DF3-A2C6-79363D229C33} - System32\Tasks\ASUS Update Checker 2.0 => C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusUpdateChecker.exe [797776 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
Task: {D57C6913-CCB2-49A4-811F-828AB239C090} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DBB4DF2B-CBBE-4508-88D1-0F4AA334C422} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {F8E11F10-5116-4559-95EE-56CA40F3BC19} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5030808 2023-06-30] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-4155723121-2667523574-2248086810-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.39.90.52 212.39.90.53
Tcpip\..\Interfaces\{11d982cf-3b1d-4325-89b9-467271ba4051}: [DhcpNameServer] 40.53.1.13
Tcpip\..\Interfaces\{82fef607-70e1-40cd-a039-ffa926efd890}: [DhcpNameServer] 212.39.90.52 212.39.90.53

Edge:
=======
Edge Profile: C:\Users\lucia\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-01]
Edge Extension: (Edge relevant text changes) - C:\Users\lucia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-28]

FireFox:
========
FF DefaultProfile: h551u57f.default
FF ProfilePath: C:\Users\lucia\AppData\Roaming\Mozilla\Firefox\Profiles\h551u57f.default [2023-05-28]
FF ProfilePath: C:\Users\lucia\AppData\Roaming\Mozilla\Firefox\Profiles\mm1th8t8.default-release [2023-05-28]
FF Extension: (Language: Slovenčina (Slovak)) - C:\Users\lucia\AppData\Roaming\Mozilla\Firefox\Profiles\mm1th8t8.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2023-05-28]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default [2023-07-01]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-28]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-01]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-06-06]
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (McAfee® WebAdvisor) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-05-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-28]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-07-01]
CHR Notifications: Profile 2 -> hxxps://app.slack.com; hxxps://emaillistver.user.com; hxxps://warmupinbox.user.com
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-28]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lucia\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-28]
CHR Profile: C:\Users\lucia\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsusAppService; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\AsusAppService\AsusAppService.exe [1174608 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSLinkNear; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe [1637456 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
R2 ASUSLinkRemote; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemote.exe [783952 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
R2 ASUSOptimization; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusOptimization.exe [468600 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSoftwareManager; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSoftwareManager\AsusSoftwareManager.exe [1125456 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSwitch; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitch.exe [641104 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemAnalysis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSystemAnalysis.exe [3860560 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R2 ASUSSystemDiagnosis; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [826960 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8892824 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [578968 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2091928 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [579992 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [17477528 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774352 2023-06-24] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9007000 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266864 2023-07-01] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [896248 2023-06-29] (McAfee, LLC -> McAfee, LLC)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [10043288 2023-06-30] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WireGuardManager; C:\Program Files\WireGuard\wireguard.exe [8185648 2021-12-22] (WireGuard LLC -> WireGuard LLC)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25016 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [135296 2020-05-12] (Alcorlink Corp. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\DriverStore\FileRepository\asusptpfilter.inf_amd64_314b5cb6bf57f471\AsusPTPFilter.sys [116712 2021-12-02] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
R3 AsusSAIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSystemAnalysis\AsusSAIO.sys [46720 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
S0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31368 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237424 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392832 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39600 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272016 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556576 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [943456 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [704264 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319512 2023-06-30] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76664 2023-06-30] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSOptimization\AsusWmiAcpi.sys [48760 2023-05-17] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-07-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233216 2023-07-01] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77752 2023-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-07-01] (Malwarebytes Inc. -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-06-08] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-01 14:48 - 2023-07-01 14:48 - 000002819 _____ C:\Users\lucia\Desktop\AdwCleaner.txt
2023-07-01 14:42 - 2023-07-01 14:42 - 000233216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2023-07-01 14:42 - 2023-07-01 14:42 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-07-01 14:42 - 2023-07-01 14:42 - 000000000 ____D C:\Users\lucia\AppData\Local\mbam
2023-07-01 14:41 - 2023-07-01 14:42 - 000000000 ____D C:\Users\lucia\AppData\Local\Malwarebytes
2023-07-01 14:41 - 2023-07-01 14:41 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-07-01 14:41 - 2023-07-01 14:41 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-07-01 14:40 - 2023-07-01 14:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-07-01 14:40 - 2023-07-01 14:40 - 000000000 ____D C:\Program Files\Malwarebytes
2023-07-01 14:37 - 2023-07-01 14:38 - 002649072 _____ (Malwarebytes) C:\Users\lucia\Desktop\MBSetup.exe
2023-07-01 10:48 - 2023-07-01 10:49 - 000027318 _____ C:\Users\lucia\Desktop\Addition.txt
2023-07-01 10:47 - 2023-07-01 16:17 - 000030780 _____ C:\Users\lucia\Desktop\FRST.txt
2023-07-01 10:47 - 2023-07-01 16:16 - 000000000 ____D C:\FRST
2023-07-01 10:45 - 2023-07-01 10:45 - 002383360 _____ (Farbar) C:\Users\lucia\Desktop\FRST64.exe
2023-06-30 21:54 - 2023-06-30 21:54 - 000003838 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-06-30 21:54 - 2023-06-30 21:54 - 000003396 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-06-30 20:45 - 2023-06-30 20:45 - 015274968 _____ (ESET) C:\Users\lucia\Downloads\esetonlinescanner.exe
2023-06-30 20:45 - 2023-06-30 20:45 - 000001384 _____ C:\Users\lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-06-30 20:45 - 2023-06-30 20:45 - 000000000 ____D C:\Users\lucia\AppData\Local\ESET
2023-06-30 20:38 - 2023-06-30 20:38 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\MMC
2023-06-30 18:03 - 2023-06-30 18:03 - 000002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk
2023-06-30 18:03 - 2023-06-30 18:03 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Avast Software
2023-06-30 18:03 - 2023-06-30 18:03 - 000000000 ____D C:\Users\lucia\AppData\Local\CEF
2023-06-30 18:03 - 2023-06-30 18:03 - 000000000 ____D C:\Users\lucia\AppData\Local\Avast Software
2023-06-30 18:02 - 2023-06-30 18:02 - 000076664 _____ (Avast Software) C:\WINDOWS\system32\Drivers\aswVpnRdr.sys
2023-06-30 18:02 - 2023-06-30 18:02 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-06-30 18:02 - 2023-06-30 18:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-06-30 18:01 - 2023-06-30 18:01 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-06-30 18:01 - 2023-06-30 18:01 - 000040344 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2023-06-30 18:01 - 2023-06-30 18:01 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-06-30 18:01 - 2023-06-30 18:01 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-06-30 18:00 - 2023-06-30 18:02 - 000000000 ____D C:\ProgramData\Avast Software
2023-06-30 18:00 - 2023-06-30 18:02 - 000000000 ____D C:\Program Files\Avast Software
2023-06-30 18:00 - 2023-06-30 18:00 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2023-06-30 18:00 - 2023-06-30 18:00 - 000263576 _____ (AVAST Software) C:\Users\lucia\Downloads\avast_one_free_antivirus.exe
2023-06-30 17:56 - 2023-06-30 17:55 - 001376256 _____ C:\ProgramData\31706289927101938157231548
2023-06-30 17:56 - 2023-06-30 16:37 - 000090112 _____ C:\ProgramData\28292933857092614241452008
2023-06-30 17:56 - 2023-06-06 09:25 - 000069632 _____ C:\ProgramData\03646492469937064696855655
2023-06-30 17:56 - 2023-05-28 08:16 - 000020480 _____ C:\ProgramData\68001654331923453899876031
2023-06-30 17:55 - 2023-06-30 14:04 - 001441792 _____ C:\ProgramData\10042146080825291746101937
2023-06-30 14:05 - 2023-07-01 14:07 - 000000000 ____D C:\Users\lucia\Desktop\blog
2023-06-29 07:33 - 2023-06-29 07:33 - 000000000 ____D C:\Users\lucia\Desktop\Sherlock Holmes
2023-06-29 07:30 - 2023-06-29 07:31 - 000000000 ____D C:\Users\lucia\Desktop\The Vampire Diaries
2023-06-25 12:57 - 2023-06-25 12:57 - 000004655 _____ C:\Users\lucia\Desktop\taliansko.odt
2023-06-14 11:42 - 2023-06-14 11:42 - 000000000 ___HD C:\$WinREAgent
2023-06-08 19:14 - 2023-06-08 19:14 - 000001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WireGuard.lnk
2023-06-08 19:14 - 2023-06-08 19:14 - 000000000 ____D C:\Program Files\WireGuard
2023-06-08 19:13 - 2023-06-08 19:14 - 000087360 _____ (WireGuard LLC) C:\Users\lucia\Desktop\wireguard-installer.exe
2023-06-03 10:59 - 2023-06-03 10:59 - 000000000 ____D C:\Users\lucia\Documents\Vlastné šablóny balíka Office
2023-06-01 21:48 - 2023-06-27 20:48 - 000001429 _____ C:\Users\lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly.lnk
2023-06-01 21:48 - 2023-06-01 21:48 - 016542528 _____ () C:\Users\lucia\Downloads\GrammarlyInstaller.cHxAP90dbibx8243faci06g2.exe
2023-06-01 21:48 - 2023-06-01 21:48 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Grammarly
2023-06-01 21:48 - 2023-06-01 21:48 - 000000000 ____D C:\Users\lucia\AppData\Local\Grammarly

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-01 16:16 - 2023-05-29 18:30 - 000003752 _____ C:\WINDOWS\system32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474
2023-07-01 16:14 - 2023-05-28 22:41 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Loom
2023-07-01 16:14 - 2023-05-28 08:14 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-01 16:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-01 16:14 - 2022-05-07 08:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-01 15:18 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-01 14:42 - 2022-08-02 08:04 - 000000000 ____D C:\Users\lucia\AppData\Local\D3DSCache
2023-07-01 14:41 - 2022-05-07 08:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-01 10:43 - 2023-05-29 18:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-30 20:40 - 2022-05-07 08:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-06-30 18:12 - 2022-05-07 08:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-30 18:04 - 2023-05-30 14:46 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-30 18:04 - 2022-05-07 08:22 - 000000000 ____D C:\WINDOWS\INF
2023-06-30 17:57 - 2023-05-29 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-30 17:57 - 2022-07-08 02:20 - 000012288 ___SH C:\DumpStack.log.tmp
2023-06-30 17:57 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-06-30 17:57 - 2022-05-07 08:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-06-30 16:18 - 2023-05-28 22:28 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\Word
2023-06-30 11:12 - 2023-05-29 14:16 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\Excel
2023-06-29 07:29 - 2023-05-28 08:15 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-29 07:29 - 2023-05-28 08:15 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-28 19:48 - 2023-05-29 18:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4155723121-2667523574-2248086810-1001
2023-06-28 19:48 - 2023-05-29 18:30 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4155723121-2667523574-2248086810-1001
2023-06-28 19:48 - 2022-08-02 08:06 - 000002373 _____ C:\Users\lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-28 16:23 - 2023-05-28 22:32 - 000000000 ____D C:\Users\lucia\Desktop\lensbatohom.sk blogy
2023-06-28 13:44 - 2023-05-28 22:17 - 000000000 ____D C:\Users\lucia\Desktop\road trip NP október 2021
2023-06-28 13:29 - 2023-05-28 22:12 - 000000000 ____D C:\Users\lucia\Desktop\CA road trip 20.12.-27.12.2019
2023-06-24 18:48 - 2022-07-08 02:20 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-24 07:36 - 2020-11-21 04:23 - 000000000 ____D C:\Program Files\Microsoft Office
2023-06-23 16:02 - 2023-05-28 22:24 - 000009453 _____ C:\Users\lucia\Desktop\puss.odt
2023-06-23 07:36 - 2023-05-28 22:23 - 000000000 ____D C:\Users\lucia\Desktop\profilovky
2023-06-22 11:32 - 2022-08-02 08:04 - 000000000 ____D C:\Users\lucia\AppData\Local\Packages
2023-06-18 23:15 - 2023-05-31 09:32 - 000000000 ____D C:\Users\lucia\AppData\Roaming\vlc
2023-06-17 09:00 - 2023-05-29 18:30 - 000004122 _____ C:\WINDOWS\system32\Tasks\ASUS Update Checker 2.0
2023-06-17 09:00 - 2023-05-29 18:30 - 000003756 _____ C:\WINDOWS\system32\Tasks\ASUS Optimization 36D18D69AFC3
2023-06-16 07:33 - 2023-05-29 18:30 - 000003828 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9}
2023-06-16 07:33 - 2023-05-29 18:30 - 000003704 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60}
2023-06-14 18:15 - 2023-05-29 18:26 - 000468032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\WUModels
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\UUS
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\Globalization
2023-06-14 18:14 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-14 18:14 - 2022-05-07 08:17 - 000000000 ____D C:\WINDOWS\servicing
2023-06-14 15:34 - 2022-08-02 00:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-14 15:32 - 2022-08-02 00:44 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-14 11:50 - 2022-05-07 08:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 11:47 - 2023-05-29 18:30 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-13 21:55 - 2022-07-08 02:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-13 09:51 - 2023-05-29 18:30 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-13 09:51 - 2023-05-29 18:30 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-11 16:16 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-06-09 22:38 - 2023-05-29 10:08 - 000000000 ___DC C:\WINDOWS\Panther
2023-06-03 11:05 - 2023-05-28 21:59 - 000000000 ____D C:\Users\lucia\Desktop\clanky stare plus fotky na blog
2023-06-01 22:03 - 2023-05-28 22:28 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\Office
2023-06-01 21:55 - 2023-05-28 22:28 - 000000000 ____D C:\Users\lucia\AppData\Roaming\Microsoft\UProof

==================== Files in the root of some directories ========

2023-05-29 14:09 - 2023-05-29 14:09 - 000000003 _____ () C:\Users\lucia\AppData\Local\updater.log
2023-05-29 14:09 - 2023-05-29 17:18 - 000000424 _____ () C:\Users\lucia\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by lucia (01-07-2023 16:17:48)
Running from C:\Users\lucia\Desktop
Microsoft Windows 11 Home Version 22H2 22621.1848 (X64) (2023-05-30 11:38:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4155723121-2667523574-2248086810-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4155723121-2667523574-2248086810-503 - Limited - Disabled)
Guest (S-1-5-21-4155723121-2667523574-2248086810-501 - Limited - Disabled)
lucia (S-1-5-21-4155723121-2667523574-2248086810-1001 - Administrator - Enabled) => C:\Users\lucia
WDAGUtilityAccount (S-1-5-21-4155723121-2667523574-2248086810-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast One (HKLM\...\Avast Antivirus) (Version: 23.6.6070 - Avast Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
Grammarly for Windows (HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\Grammarly Desktop Integrations) (Version: 1.0.35.662 - Grammarly)
LibreOffice 7.5.3.2 (HKLM\...\{063CC195-EEF8-4601-89C6-CB18230BD5E6}) (Version: 7.5.3.2 - The Document Foundation)
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Loom 0.165.0 (HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\3643b966-bc28-5bc8-95ff-3d47d66438db) (Version: 0.165.0 - Loom, Inc.)
Malwarebytes version 4.5.32.271 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.32.271 - Malwarebytes)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.16501.20228 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\...\OneDriveSetup.exe) (Version: 23.122.0611.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor od McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.820 - McAfee, LLC)
WireGuard (HKLM\...\{2FDB79CE-5193-4A39-82BB-E00158CC1533}) (Version: 0.5.3 - WireGuard LLC)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.21.30024.0_x64__0a9344xs7nr4m [2022-08-02] (Advanced Micro Devices Inc.) [Startup Task]
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.31.0_x64__dxp88312j1fgj [2023-06-29] (ICEpower)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-08-02] (McAfee LLC.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2305.14003.0_x64__8wekyb3d8bbwe [2023-06-08] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.10510.531.0_x64__8wekyb3d8bbwe [2023-06-18] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corporation) [Startup Task]
ms-resource:AppDisplayName -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy [2023-06-14] (ASUSTeK COMPUTER INC.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.253.0_x64__dt26b99r8h8gj [2022-08-02] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-05-28] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-06-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-07-01] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-07-01 16:14 - 2023-07-01 16:14 - 000666624 _____ () [File not signed] \\?\C:\Users\lucia\AppData\Local\Temp\818dbe2b-babe-4ae6-adff-96e8d28ea06d.tmp.node
2023-07-01 16:14 - 2023-07-01 16:14 - 001004032 _____ () [File not signed] \\?\C:\Users\lucia\AppData\Local\Temp\a3a8e98e-81e2-4b10-977f-8b986fcaf120.tmp.node
2023-06-29 10:52 - 2023-06-23 21:04 - 002789376 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\ffmpeg.dll
2023-06-29 10:52 - 2023-06-23 21:04 - 000471040 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\libegl.dll
2023-06-29 10:52 - 2023-06-23 21:04 - 007179264 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\libglesv2.dll
2023-06-22 07:41 - 2023-06-23 21:04 - 004759552 _____ () [File not signed] C:\Users\lucia\AppData\Local\Programs\Loom\vk_swiftshader.dll
2020-11-21 04:23 - 2020-11-21 04:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-11-21 04:23 - 2020-11-21 04:23 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-08-02] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-08-02] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 12:14 - 2019-12-07 12:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4155723121-2667523574-2248086810-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\asus\wallpapers\asus.jpg
DNS Servers: 212.39.90.52 - 212.39.90.53
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BED62A86-2857-4F3F-9607-AEEAD70720A4}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.410.2053.8773_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BD91FF0-ECC6-49C2-81E0-5F7861BA57E1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.410.2053.8773_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2D6A64BB-2E4A-4AE9-AEC0-172114DF365A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{0012EC4E-3F09-4382-A03C-E3808FC5EE8D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6653472E-416B-4046-82E7-54A81F03B2DC}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F61FE7F6-FE4A-4B97-85A2-57CC249191F3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F520301-0F80-47CC-98BD-B0687B4525DE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{5CDFE7B3-6245-4ED3-83E0-317EC5695318}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{2185BC64-A3B4-445B-B1F8-F69C1195E6C0}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{3B4F6D07-2D60-4268-AD46-8054E3D3B649}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{56438292-D03C-4B38-BB4B-3C77955735F5}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.1.20.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{B4B94DC3-755A-450D-9025-7CFB63367FBE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE0E5778-31D2-4E42-8758-B6321A0CE30B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D724C95C-E5E4-4910-95FF-01A3A8452804}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CE1E467-2B56-4145-B389-7E6FFF092CDD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{87B22CD1-ED72-423B-A7E7-47B1852D5701}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E6639F38-D08D-4EDD-8962-7A743C8FF6FC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{29BB550C-75F5-47BD-B26F-8323E15214C8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitchNet.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{6D888062-6FA2-4596-9715-A9307F17940E}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
FirewallRules: [{BC070F25-FD16-4D22-94C8-350AD1093063}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSSwitch\AsusSwitchNetMDNS.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)
FirewallRules: [{8AFA46B8-A0D4-4328-BE45-652B661184C8}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{C7944A16-12F0-4FC5-85DC-05B96F97B73A}] => (Allow) C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkRemote\AsusLinkRemoteAgent.exe (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.​)
FirewallRules: [{CFC1A519-EECB-4F76-BA67-EF58BE8E6E21}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AF9E4E79-CC1C-481F-8ACC-E065F031542E}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

23-06-2023 10:27:57 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/01/2023 10:49:39 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program FRST64.exe version 28.6.2023.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (06/30/2023 08:41:04 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program SecHealthUI.exe version 10.0.25305.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (06/30/2023 05:57:34 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LUCIA$ via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 30 Jun 2023 14:57:35 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 75adff05-3190-478f-b694-f51270b9efb9

Method: GET(250ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/30/2023 05:57:34 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 30 Jun 2023 14:57:34 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d0846ee3-da05-46da-885e-754f0040f6cb

Method: GET(1281ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/30/2023 05:57:23 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybujúcej aplikácie: AsusLinkNear.exe, verzia: 2.1.19.0, časová značka: 0x64658450
Názov chybujúceho modulu: AsusLinkNear.exe, verzia: 2.1.19.0, časová značka: 0x64658450
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000097c2c
Identifikácia chybujúceho procesu: 0x0x1150
Čas spustenia chybujúcej aplikácie: 0x0x1d9ab632a777402
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_7a3a8aa248377da4\ASUSLinkNear\AsusLinkNear.exe
Identifikácia hlásenia: de99091a-f073-44fe-bf20-2c5e3fe3f103
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/28/2023 08:18:19 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LUCIA$ via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 28 Jun 2023 05:18:21 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f6e83fe4-cc05-4636-a467-bb82606ce6e6

Method: GET(312ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/28/2023 08:18:18 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-8a0578cf56146fea399af ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 28 Jun 2023 05:18:19 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: c2be3c96-7fbf-4fbd-8094-631bf04209dc

Method: GET(469ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/17/2023 09:00:33 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybujúcej aplikácie: RtkAudUService64.exe, verzia: 1.0.392.1, časová značka: 0x60e2c483
Názov chybujúceho modulu: combase.dll, verzia: 10.0.22621.1485, časová značka: 0xa8be94cc
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000ca56b
Identifikácia chybujúceho procesu: 0x0xc9c
Čas spustenia chybujúcej aplikácie: 0x0x1d99eeaeb4bcd57
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e9f6c354061743a4\RtkAudUService64.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\combase.dll
Identifikácia hlásenia: 14fd29ed-da7c-499c-910c-2824068236c3
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (07/01/2023 04:17:52 PM) (Source: DCOM) (EventID: 10010) (User: LUCIA)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (07/01/2023 01:11:19 PM) (Source: DCOM) (EventID: 10010) (User: LUCIA)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (07/01/2023 10:53:47 AM) (Source: DCOM) (EventID: 10010) (User: LUCIA)
Description: The server {7966B4D8-4FDC-4126-A10B-39A3209AD251} did not register with DCOM within the required timeout.

Error: (07/01/2023 10:53:47 AM) (Source: DCOM) (EventID: 10010) (User: LUCIA)
Description: The server {7966B4D8-4FDC-4126-A10B-39A3209AD251} did not register with DCOM within the required timeout.

Error: (07/01/2023 07:26:40 AM) (Source: DCOM) (EventID: 10010) (User: LUCIA)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (06/30/2023 10:03:38 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 2a01:5a8:30d:61c6:84a7:2a8c:b654:8538 with the system
having network hardware address 00-00-00-00-00-00. Network operations on this system may
be disrupted as a result.

Error: (06/30/2023 08:49:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby eapihdrv zlyhalo kvôli nasledujúcej chybe:
This driver has been blocked from loading

Error: (06/30/2023 08:49:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\lucia\AppData\Local\Temp\ehdrv.sys


Windows Defender:
================
Date: 2023-06-30 11:36:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-29 11:07:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-27 10:32:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-26 10:13:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2023-06-25 09:50:12
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2023-07-01 16:14:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-07-01 13:09:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X421DAP.301 04/10/2020
Motherboard: ASUSTeK COMPUTER INC. X421DAP
Processor: AMD Ryzen 3 3250U with Radeon Graphics
Percentage of memory in use: 80%
Total physical RAM: 6094.18 MB
Available physical RAM: 1181.84 MB
Total Virtual: 11470.18 MB
Available Virtual: 5364.97 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.5 GB) (Free:297.81 GB) (Model: INTEL SSDPEKNW512G8) NTFS

\\?\Volume{444030d8-04fe-4289-bdae-aa6e3cd5e004}\ (RECOVERY) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{57c6fbd4-42c2-4e36-838c-b7e4b1657372}\ (MYASUS) (Fixed) (Total:0.19 GB) (Free:0.14 GB) FAT32
\\?\Volume{7f471e87-932e-4f1f-b671-339820b5f247}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 166037A6)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118301
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9E9F2486-7C88-44E6-94D9-3FBF0885DDA6} - System32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {C29E636A-7D7C-463B-862A-27E87FB448BF} - System32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\ProgramData\31706289927101938157231548
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60}
C:\Users\lucia\AppData\Local\Temp
FirewallRules: [{2D6A64BB-2E4A-4AE9-AEC0-172114DF365A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{5F520301-0F80-47CC-98BD-B0687B4525DE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

lu_cka
Visitor
Posts: 6
Joined: 01 Jul 2023 05:33

Re: Please check my log

#9 Post by lu_cka »

Here you go:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by lucia (01-07-2023 17:39:35) Run:1
Running from C:\Users\lucia\Desktop
Loaded Profiles: lucia
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {9E9F2486-7C88-44E6-94D9-3FBF0885DDA6} - System32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {C29E636A-7D7C-463B-862A-27E87FB448BF} - System32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-28] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\ProgramData\31706289927101938157231548
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60}
C:\Users\lucia\AppData\Local\Temp
FirewallRules: [{2D6A64BB-2E4A-4AE9-AEC0-172114DF365A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{5F520301-0F80-47CC-98BD-B0687B4525DE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E9F2486-7C88-44E6-94D9-3FBF0885DDA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E9F2486-7C88-44E6-94D9-3FBF0885DDA6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C29E636A-7D7C-463B-862A-27E87FB448BF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C29E636A-7D7C-463B-862A-27E87FB448BF}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\ProgramData\31706289927101938157231548 => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{FC8A4D19-1593-4865-8C04-FE484FA410B9}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{930ECAD5-3640-48C9-B083-154E83700E60}" => not found

"C:\Users\lucia\AppData\Local\Temp" folder move:

C:\Users\lucia\AppData\Local\Temp => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D6A64BB-2E4A-4AE9-AEC0-172114DF365A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F520301-0F80-47CC-98BD-B0687B4525DE}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 999477682 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 23253895 B
Edge => 0 B
Chrome => 3440369146 B
Firefox => 65675373 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 8391 B
LocalService => 12921 B
NetworkService => 45579 B
lucia => 3597773 B

RecycleBin => 26429059538 B
EmptyTemp: => 28.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-07-2023 17:43:13)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 17:43:20 ====

Rudy
Site Admin
Posts: 118301
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

Deleted, the log looks OK now.

lu_cka
Visitor
Posts: 6
Joined: 01 Jul 2023 05:33

Re: Please check my log

#11 Post by lu_cka »

Thank you very much :)

Rudy
Site Admin
Posts: 118301
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#12 Post by Rudy »

You're welcome! :)

Locked