Pomalý NB

[antonin1]

Dobrý den,

v poslední době mám tak pomalý NB, že už se skoro nedá použít. Provedl jsem první čistku pomocí adwcleaner, ale NB je stále pomalý a restartuje se několik minut. Proto prosím o pomoc.

FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by Petr (administrator) on LENOVO-PC (LENOVO 20252) (20-09-2022 16:12:45)
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(explorer.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2020-08-08] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59925488 2014-10-21] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-21] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-05-15] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213728 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Opera Browser Assistant] => c:\program files (x86)\opera\assistant\browser_assistant.exe [3366424 2020-12-08] (Opera Software AS -> Opera Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\Run: [AceWebExtensionUpdater] => C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe (No File)
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve -> Valve Corporation)
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc. -> Apple Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 5510 series): C:\WINDOWS\SYSTEM32\HPDiscoPMa111.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2014-04-01] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08E95C2A-4142-4FAF-9901-CCBA6C4A07D4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0B2215EB-7256-4574-B9ED-F5523A1DDD88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0DAC5B6B-BD85-40E5-B349-F2DC2812C975} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {12B4BAB1-DA0C-4A85-989E-301C4F4D70ED} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1EB1A6AD-AA48-4B3C-A666-49BDCD218C3F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {269D89D7-DE45-4C63-B453-1C2CC128A8BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2D4EF929-6021-4C55-AF74-F142481F324F} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4943072 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
Task: {302E2EA6-12D8-4E98-A7FF-7B42338974EE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {30689A10-62B6-42ED-9ABA-4014182DFECD} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {383D12D7-CBA4-43A7-A678-6320D8A46F2A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {40FC4A1D-72B1-439D-A29E-C8050AC055F7} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10157392 2016-08-24] (LENOVO -> Lenovo)
Task: {4A0962F2-81C7-4E94-ABCC-AB23315C8B15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4BEC083A-8E14-4FB4-966F-B7B8E3C89707} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {52987C53-5D7F-4499-A725-EF457C65EA44} - System32\Tasks\Norton Security with Backup\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /submit (No File)
Task: {55278045-5A07-4E05-BF29-80F520B7CB3D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-08-24] (LENOVO -> Lenovo)
Task: {5C1A614A-A05A-4A77-A24F-0DE1D98AB0D7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5CF69F32-8193-4DD2-B8DF-86F9EA3F0D9D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5DBA6566-8D3E-492F-AE75-F71DED4F4FF5} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [133 2012-03-08] () [File not signed]
Task: {668FCA70-B2EE-4491-B8F8-290312AE1748} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6FD3DC6D-CE08-4BB2-9079-C57C34F7C251} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {7D12392D-8FC4-4919-AD7A-69EAEC94E347} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {81AF15C6-11A3-4AB4-8290-FD114DA2D18A} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2020-08-08] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
Task: {823068D3-FC3E-4461-96ED-60A5D6DA7A38} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {938E89E7-650D-4037-9266-10F737740451} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /analyze (No File)
Task: {957BED54-ED87-4A12-B3A6-D4B47BBD580E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {9874F263-0137-4404-A063-15497FB5935A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9DAE11FC-EAD9-4109-8A50-6FFFF17C33E2} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264016 2016-08-24] (LENOVO -> )
Task: {A0948E38-7E14-41A9-A575-6DE0BB79BE73} - System32\Tasks\WindowsMediaSharing => C:\windows\wndsvr.exe (No File)
Task: {BA96A2F4-BAB2-440F-BB47-E208D3A38022} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10157392 2016-08-24] (LENOVO -> Lenovo)
Task: {BDED6542-0702-4E16-B9A6-7EBD82E6EE9A} - System32\Tasks\Opera scheduled assistant Autoupdate 1581111369 => c:\program files (x86)\opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="c:\program files (x86)\opera\assistant" $(Arg0)
Task: {C1B7C598-3496-41A4-9454-5BB1417BF756} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C303FBEB-7752-431A-BABB-32D888DB9633} - System32\Tasks\Norton Security with Backup\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /ui (No File)
Task: {C3FF50C2-F64A-4AB2-B167-DE44F217A53C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {DC249DD1-3B71-493E-B189-E06F95D9CA30} - System32\Tasks\{7110602E-F498-4445-93D7-FF410395206B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.12.0.101/cs/abandoninstall?source=lightinstaller&page=tsInstall
Task: {E1B837F2-4A32-4DB4-B89B-4417297674B6} - System32\Tasks\G2MUpdateTask-S-1-5-21-3879793939-1037263308-1146612629-1002 => C:\Users\Petr\AppData\Local\GoToMeeting\10996\g2mupdate.exe [29736 2018-11-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E5F35068-2F8C-4660-B6C9-C46C13CF58C6} - System32\Tasks\G2MUploadTask-S-1-5-21-3879793939-1037263308-1146612629-1002 => C:\Users\Petr\AppData\Local\GoToMeeting\10996\g2mupload.exe [29736 2018-11-03] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {F4889B34-CA72-4445-82C9-C8E8B3D8AC98} - System32\Tasks\Opera scheduled Autoupdate 1414277131 => c:\program files (x86)\opera\launcher.exe [1793664 2021-02-26] (Opera Software AS -> Opera Software)
Task: {FAC0168A-C38E-453D-967E-95FB0C6C5825} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (No File)
Task: {FCD6307F-B390-4401-8F55-6950CEEB61DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3879793939-1037263308-1146612629-1002.job => C:\Users\Petr\AppData\Local\GoToMeeting\10996\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3879793939-1037263308-1146612629-1002.job => C:\Users\Petr\AppData\Local\GoToMeeting\10996\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.4.1 192.168.68.1
Tcpip\..\Interfaces\{5fec8eb4-4c06-48e8-ac2f-1c4813f6750d}: [DhcpNameServer] 192.168.68.1
Tcpip\..\Interfaces\{83960461-650d-4cdd-8c6a-3cbef3a7cf26}: [DhcpNameServer] 192.168.4.1 192.168.68.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-09]

FireFox:
========
FF DefaultProfile: wsjw3uif.default-1417254993486
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wsjw3uif.default-1417254993486 [2022-09-20]
FF Session Restore: Mozilla\Firefox\Profiles\wsjw3uif.default-1417254993486 -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\wsjw3uif.default-1417254993486 -> hxxps://www.lynxbroker.cz; hxxps://seekingalpha.com; hxxps://www.tipsport.cz
FF Extension: (Norton Safe Search) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wsjw3uif.default-1417254993486\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2022-07-24] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wsjw3uif.default-1417254993486\Extensions\nortonsafeweb@symantec.com.xpi [2022-05-24]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3879793939-1037263308-1146612629-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Petr\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-11-01] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-3879793939-1037263308-1146612629-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\Petr\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2019-02-13]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-12]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-12]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-04]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Norton Security Toolbar) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2019-01-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-04]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-12]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-10]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-12]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

Opera:
=======
OPR Profile: C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable [2020-12-15]
OPR Notifications: Opera Stable -> hxxps://www.tipsport.cz
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-13]
OPR Extension: (AS Magic Player) - C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2015-08-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8523800 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [589536 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2014432 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589536 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-08-26] (CyberLink Corp. -> CyberLink)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (LENOVO -> Lenovo)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2013-05-15] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-27] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41760 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237632 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [389064 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [257992 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104904 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [24528 2022-08-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47936 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274976 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553880 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113920 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88984 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [861936 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671216 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221464 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327408 2022-08-30] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-25] (Malwarebytes Corporation -> Malwarebytes Corporation)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [546304 2013-05-15] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2014-04-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2020-09-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428256 2020-09-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-27] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-20 16:12 - 2022-09-20 16:15 - 000029297 _____ C:\Users\Petr\Downloads\FRST.txt
2022-09-20 16:11 - 2022-09-20 16:14 - 000000000 ____D C:\FRST
2022-09-20 16:10 - 2022-09-20 16:10 - 002371072 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2022-09-09 22:39 - 2022-09-09 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-09-08 23:14 - 2022-09-20 16:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-08-30 23:20 - 2022-08-30 23:19 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-08-30 23:20 - 2022-08-30 23:19 - 000221464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-08-24 00:25 - 2022-08-24 00:25 - 000000000 __SHD C:\found.001
2022-08-24 00:25 - 2022-08-24 00:25 - 000000000 __SHD C:\found.000

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-20 16:10 - 2016-11-23 15:23 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2022-09-20 16:08 - 2022-02-11 08:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-09-20 16:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-20 16:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-20 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-20 15:57 - 2014-06-27 23:23 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2022-09-20 15:57 - 2014-02-01 00:11 - 000000000 ____D C:\ProgramData\AVAST Software
2022-09-20 15:56 - 2018-01-19 01:00 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-09-20 15:56 - 2016-07-11 01:17 - 000147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_3A60B698.sys
2022-09-20 15:55 - 2020-08-08 10:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-20 15:55 - 2020-08-08 10:17 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-20 15:55 - 2016-10-02 09:31 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-20 15:53 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-20 15:50 - 2020-08-08 10:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-20 11:09 - 2021-06-06 09:27 - 000000000 ____D C:\Users\Petr\AppData\Local\Avast Software
2022-09-20 10:02 - 2014-10-13 10:11 - 000000000 ____D C:\AdwCleaner
2022-09-20 09:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-20 09:42 - 2020-10-06 08:57 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-09-20 09:29 - 2020-08-08 10:33 - 000006264 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-20 09:29 - 2019-12-07 16:41 - 001073176 _____ C:\WINDOWS\system32\perfh005.dat
2022-09-20 09:29 - 2019-12-07 16:41 - 000250766 _____ C:\WINDOWS\system32\perfc005.dat
2022-09-20 09:28 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-20 09:23 - 2020-08-08 10:17 - 000443568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-20 09:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-20 09:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-20 09:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-20 09:12 - 2014-01-31 19:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-09-20 08:36 - 2020-08-08 10:33 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-09-20 08:36 - 2020-08-08 10:33 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-09-20 08:36 - 2015-08-09 07:28 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2022-09-20 08:34 - 2020-10-06 08:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-09-19 23:16 - 2020-08-08 10:23 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-18 22:35 - 2020-06-05 22:36 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-18 22:35 - 2020-06-05 22:36 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-18 01:35 - 2014-02-01 01:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-09-16 22:58 - 2014-02-01 01:06 - 141646296 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-09-16 22:56 - 2017-12-24 03:04 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2022-09-14 22:36 - 2013-11-30 06:05 - 000000000 ____D C:\ProgramData\Energy Manager
2022-09-09 22:39 - 2014-01-31 19:39 - 000001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-09-08 23:11 - 2017-12-28 06:19 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2022-08-30 23:20 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-30 23:19 - 2020-10-14 23:07 - 000274976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000861936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000671216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000553880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000389064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000327408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000257992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000237632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000113920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000104904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000088984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000047936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-08-30 23:19 - 2020-10-06 08:57 - 000041760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys

==================== Files in the root of some directories ========

2014-10-21 13:25 - 2014-10-21 13:25 - 000000017 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
2014-07-20 10:29 - 2014-07-20 10:29 - 000000000 _____ () C:\Users\Petr\AppData\Local\{30D4210C-5ED3-4CDE-BF01-C189DE53A9E2}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[antonin1]

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Petr (20-09-2022 16:23:53)
Running from C:\Users\Petr\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2006 (X64) (2020-08-08 09:06:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3879793939-1037263308-1146612629-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3879793939-1037263308-1146612629-503 - Limited - Disabled)
Guest (S-1-5-21-3879793939-1037263308-1146612629-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3879793939-1037263308-1146612629-1007 - Limited - Enabled)
Petr (S-1-5-21-3879793939-1037263308-1146612629-1002 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3879793939-1037263308-1146612629-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\{7D5344C9-E173-4148-93EC-6137D797835A}) (Version: 29.0.0.112 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-000182442176}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.17.3042.73586 - Alcor Micro Corp.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.8.6030 - Avast Software)
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Balíček ovladače systému Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{C861656B-F077-4AE4-8635-B77F44D5FE3E}) (Version: 4.1.0 - Kovid Goyal)
Citrix Online Launcher (HKLM-x32\...\{75FCE33E-4E0C-4CE1-ADF0-75F258DF27A0}) (Version: 1.0.445 - Citrix)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.49 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.49 - Lenovo)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
GoToMeeting 8.37.0.10996 (HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\GoToMeeting) (Version: 8.37.0.10996 - LogMeIn, Inc.)
HP Photosmart 5510 series Nápověda (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6431.0 - IDT)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1010 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1052 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{6621F31C-C47B-4AB1-9C2A-84765B7F1580}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{CC450FA9-093F-4A33-98F6-68601FEC7C4E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{CF9C64A0-E85F-4742-B55A-2A450B071CD0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{F1D41AB3-979C-429C-B214-ED5457668C3A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{27DEA29A-222C-45F8-B70D-0A7B303FC71B}) (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
KeePass Password Safe 2.24 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.24 - Dominik Reichl)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 7.35.267 - Lenovo)
LYNX Trading (HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\5556-0005-2700-0000) (Version: (979.4w) 20200623 13:41:08 - LYNX)
Malwarebytes Anti-Malware verze 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 105.0.1343.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 105.0.1343.42 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{7F736E0B-319F-4903-A15B-E82B83A563AA}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{7588A7EE-288B-4D76-9082-BCE5B8C7D5B3}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Might and Magic Heroes VII (HKLM-x32\...\Might and Magic Heroes VII_is1) (Version: - )
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 104.0.2 (x64 cs)) (Version: 104.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 104.0.2.8280 - Mozilla)
MPC-HC 1.6.4.6052 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.4.6052 - MPC-HC Team)
Opera Stable 74.0.3911.160 (HKLM-x32\...\Opera 74.0.3911.160) (Version: 74.0.3911.160 - Opera Software)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Communications Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SMRecorder 1.3.2 (HKLM-x32\...\SMRecorder) (Version: 1.3.2 - SMRecorder)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9580 - Broadcom Corporation)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
xat.com JPEG Optimizer (HKLM-x32\...\xat.com JPEG Optimizer) (Version: - )
Základní software zařízení HP Photosmart 5510 series (HKLM\...\{22E8B03A-9094-45AC-910A-CB491A16A593}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Zoom (HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-08-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.44.8.0_x64__q4d96b2w5wcc2 [2022-09-14] (Evernote)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_138.2.414.0_x64__v10z8vjag6ke6 [2022-09-13] (HP Inc.)
Lenovo Cloud Storage by SugarSync -> C:\Program Files\WindowsApps\C59AD0AF.LenovoCloudStorageBySugarSync_1.3.0.889_neutral__m3tnjedffpfhj [2014-08-12] (SugarSync Inc.)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-01-22] (Lenovo, INC.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2208.12.0_x64__k1h2ywk1493x8 [2022-09-20] (LENOVO INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2014-08-12] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-20] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2022-09-11] (Microsoft Corporation) [MS Ad]
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2014-08-12] (CYBERLINK COM CORPORATION)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2022-09-11] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox -> Dropbox, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-08-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-08-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-08-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-08-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-08-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc. -> SugarSync, Inc.)
ContextMenuHandlers1_S-1-5-21-3879793939-1037263308-1146612629-1002: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-3879793939-1037263308-1146612629-1002: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-3879793939-1037263308-1146612629-1002: [DropboxExt] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-11-21 09:31 - 2013-11-21 09:31 - 000499200 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-11-21 09:31 - 2013-11-21 09:31 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002 -> DefaultScope {5BAF1D63-BD00-48A8-94DA-5B6D52CEDF7E} URL =
SearchScopes: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002 -> {5BAF1D63-BD00-48A8-94DA-5B6D52CEDF7E} URL =
SearchScopes: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002 -> {EA0F4F99-1EAE-4A69-9272-548D73EAACB0} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-10-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-10-06] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2014-08-17 15:22 - 2016-09-18 21:24 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 Lenovo-PC.mshome.net # 2021 7 5 9 14 59 11 376

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\PROGRAM FILES\INTEL\ICLS CLIENT\;C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\WINDOWS\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\3.0\BIN\X86;C:\PROGRAM FILES (X86)\INTEL\OPENCL SDK\3.0\BIN\X64;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;C:\WINDOWS\system32;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> ;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.4.1 - 192.168.68.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "UpdateP2GShortCut"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\StartupApproved\Run: => "AceStream"
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\StartupApproved\Run: => "icq"
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\StartupApproved\Run: => "AceWebExtensionUpdater"
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7C94072F-2ABB-43B4-AFDC-E3534F1ED090}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BEBD0355-18B8-458B-BA41-D2DB5161CB78}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C4B9E018-02D7-4FE1-A535-25C2F6D0EC23}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{FD0AD798-C553-4BB9-805E-D9C7FC72E486}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{E1734449-E52A-4D20-9000-269FEC0639F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{27F2AB5C-D79F-4ACA-833D-A8EBA49FC616}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{07E6AFFD-BB8E-49E0-B0C8-2E560C0DBF87}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{431E3882-20EB-4085-A7D6-01CBCC695AFF}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{D44F23B0-E868-4FB8-841C-062C03BAE7FE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{5A03BA8B-E076-4B29-B9D2-5F1209C07DEF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{B7775D15-993C-4BC3-9DEF-790DC8C3EFA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{ECC5EC78-402E-4298-9E24-6D574D2B4788}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{12DC8F66-421A-42A9-93D9-D2E96AB8623E}] => (Block) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [{764BDEC0-4CC7-47A5-B9E5-8B0B2BF36423}] => (Block) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [UDP Query User{8CDCB377-F7DD-42C8-BC19-06F2DEF63D2F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [TCP Query User{27CFE3A4-D234-46C4-9479-7AF7CBCD2697}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [{A8952209-01C4-4AC0-8180-442E1F3547CC}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{4A91828E-1FEE-40A7-96FA-7500E562E7FB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3E0E2712-8A80-4E95-8BE1-E12693D438C4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
FirewallRules: [{74FC5398-2B88-428C-AA82-2F336C02291D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
FirewallRules: [{04F61C04-99AE-49DA-B1B6-7D5C7E5BD476}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{32CAFC92-8455-47A0-837C-0E5DB6DC5EAD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9AD083B5-9FE4-4639-A584-3DD6A60FA9E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{7414C87D-743D-4395-9D43-631FA9D84D5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [TCP Query User{0E15F49B-D3E8-4288-AB51-1700BCD3F53F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9449F44E-FBFA-4B82-9296-958F104E8AF2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0152DB02-F14F-4F2E-8C13-B7BB2D90C195}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5273AC9F-2E7A-4911-AF7F-8FBB43EF3F47}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{52448E96-3D97-4051-B4A3-D7C3D0EF4EF2}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{42511B14-CE61-42E6-81C0-2599A0DC158B}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2514F2AF-44CC-4BE3-855F-37510E07ECFB}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe => No File
FirewallRules: [{8548E6DD-2887-40FE-89CD-183A44DC0761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{22F8D383-2E2A-408A-9FBE-5B076B9AFAA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{31D22B97-B955-44E7-838E-EB4D6F62C0AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{C30A6F23-AC51-4B03-85A5-FF20EB116656}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [{C60727B0-090C-4D39-B41E-F16C994650E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [TCP Query User{6F705696-2DAB-4632-86B0-5692F49F1ACA}C:\users\petr\downloads\odorik (1).exe] => (Block) C:\users\petr\downloads\odorik (1).exe => No File
FirewallRules: [UDP Query User{BC108EA6-2307-4296-A177-B34387545293}C:\users\petr\downloads\odorik (1).exe] => (Block) C:\users\petr\downloads\odorik (1).exe => No File
FirewallRules: [{03F48F2C-4F03-410C-B6B2-E7F6276D355A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8F89CD2D-CA01-452D-B5FD-D9453A87AC45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB98D9B8-BF16-4B78-B5E0-178ADB8A1DDB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe => No File
FirewallRules: [{69A2B420-978F-476B-8157-308960DA6172}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe => No File
FirewallRules: [{FA3D2064-B41E-4AD9-A7E3-0EBDDBAFED7E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AE224016-F543-4DA9-9E3C-7EF6BF02A156}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1A12BE14-663E-4D56-9C70-BD9772D63BFE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BE5B3DC5-49BE-4992-A6F4-909CE926826E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{A66DB229-851B-42E1-833E-ADBFAF58E582}C:\games\the keep\the.keep\thekeep.exe] => (Block) C:\games\the keep\the.keep\thekeep.exe => No File
FirewallRules: [UDP Query User{3C375058-34C5-43F5-BA91-F13F2DE98F99}C:\games\the keep\the.keep\thekeep.exe] => (Block) C:\games\the keep\the.keep\thekeep.exe => No File
FirewallRules: [{5519EF0C-1DC4-406F-8746-093C2C7348F5}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EE5B2E96-6E06-4E56-93C0-6A01201AB54A}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{34F9DFE6-C983-449E-B174-BAA62B075954}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{229221F9-323D-4C0B-BBE2-9B4328EED63F}] => (Allow) c:\program files (x86)\opera\73.0.3856.344\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{220654F5-7B33-49DE-954F-C147F9DB8C45}] => (Allow) c:\program files (x86)\opera\74.0.3911.160\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B69774B2-587D-4E32-85BB-76E6853300E5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3C7FFDA3-F3B6-4F46-ABC9-23598B8A5BAA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{95E85915-D3B7-443A-930C-D8062027A963}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{63A67A92-3D9D-486C-BF05-CCC1D6676475}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{84F6FEAA-A6FB-4372-AB35-6C8365351D2A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DFCD9A57-F324-4081-AE4B-1FC8825C57B4}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{81041DA1-B103-4804-AFB4-7094EAE6EAB2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EDD0F327-7CE3-41DA-B3EB-470921A582F7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6EF42CE7-263B-41E4-992C-1B075CD9C0A7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C1984FB2-9E69-474F-A4CA-BCD80F0B4334}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DE698FBE-D37E-44AD-BD4E-D4D35C733689}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9199ADAC-4025-44C6-B4F8-C26AC7C1992B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F59966F0-9931-485E-836A-CFAFA93C11B8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B1A54C7B-93CC-483C-AC30-6CAE322202BF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{721A1F2A-8BDE-43D6-ADCD-71CD6876BD54}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8CEC4A28-6C0C-4F1D-8A96-8286CA135E7C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{92EC8741-685C-49AA-B83D-7343A2F38BC2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0FECAF6B-852B-4DF3-AAB7-F29B126A1385}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B6D9C43D-3088-4841-925F-75B0C960D7DC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D62DB15E-13CF-4F42-B602-866AD63ECD0F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{65520A6D-632C-4994-92D1-D7BF78C8C89D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E16A7EA1-32A9-457D-B681-162385E9A292}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A9DAA3E6-FB9E-4B13-B2C2-7B703187DD5F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{105CFD9A-FE8E-4D62-873C-F2BA5C4367B8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{CFBEAAE5-146A-45BD-B42D-1B3C2E100B14}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DAE3E6B7-25CD-45D3-A208-5210B60A6A4D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5FA83B0F-DD25-4506-A8E6-6820ACC1C955}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

18-09-2022 01:39:59 Instalační služba modulů systému Windows
18-09-2022 01:45:56 Instalační služba modulů systému Windows
18-09-2022 22:23:10 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/20/2022 04:03:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/20/2022 04:03:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/20/2022 04:03:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/20/2022 03:51:00 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/20/2022 03:50:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/20/2022 02:57:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows8_OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/20/2022 10:54:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (09/20/2022 10:14:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.1949 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: cbc

Čas spuštění: 01d8ccc8846e16d9

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: d1f1c12a-2f34-4454-a017-477ca6e07db6

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.7.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: CortanaUI

Typ zablokování: Quiesce


System errors:
=============
Error: (09/20/2022 04:00:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (09/20/2022 01:34:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppX Deployment Service (AppXSVC) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/20/2022 01:34:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppX Deployment Service (AppXSVC) bylo dosaženo časového limitu (30000 ms).

Error: (09/20/2022 12:37:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppX Deployment Service (AppXSVC) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/20/2022 12:37:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppX Deployment Service (AppXSVC) bylo dosaženo časového limitu (30000 ms).

Error: (09/20/2022 10:46:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/20/2022 10:38:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (09/20/2022 10:03:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2020-10-03 15:39:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B5E6708B-9D76-49F3-B7BA-61636F148EE5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-10-03 15:24:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B6C73F87-AC16-4775-888D-C757D3A1B975}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-10-02 23:56:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CBC8533E-8F45-4CF5-A2BF-84C00F2BE775}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-09-20 15:59:54
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Temp\asw27f0784f15c0d57c.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-09-20 12:27:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-20 10:37:25
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Temp\asw9df14f168727f8ad.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-09-20 10:12:33
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Temp\asw10b2e086be2fae81.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-09-20 09:31:08
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\Temp\asw39154057eff86971.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2022-08-30 23:20:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 8ECN24WW 09/26/2013
Motherboard: LENOVO Ginkgo 7A1
Processor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Percentage of memory in use: 26%
Total physical RAM: 16136.27 MB
Available physical RAM: 11893.19 MB
Total Virtual: 21258.27 MB
Available Virtual: 17345.14 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.11 GB) (Free:86.06 GB) (Model: ST1000LM014-1EJ164) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.87 GB) (Model: ST1000LM014-1EJ164) NTFS

\\?\Volume{edaa6261-c5b3-455f-8b45-8fd9907025ca}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{45b5eb15-862e-4de4-a740-a95c68363600}\ () (Fixed) (Total:0.8 GB) (Free:0.31 GB) NTFS
\\?\Volume{8be5dd8e-2e35-4f13-b98c-5f65ac922b65}\ (PBR_DRV) (Fixed) (Total:14.27 GB) (Free:3.9 GB) NTFS
\\?\Volume{4042c78f-5da0-4c99-9c0d-6e0b340c6558}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 509FA48E)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[antonin1]

Už jsem to použil dříve, zde dávám log:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-08-22.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-20-2022
# Duration: 00:00:19
# OS: Windows 10 (Build 19043.2006)
# Cleaned: 57
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files\slimcleaner plus
Deleted C:\ProgramData\SlimWare Utilities, Inc
Deleted C:\ProgramData\slimware utilities inc
Deleted C:\Users\Petr\AppData\LocalLow\.acestream
Deleted C:\Users\Petr\AppData\Local\Downloaded Installers
Deleted C:\Users\Petr\AppData\Local\slimware utilities inc
Deleted C:\Users\Petr\AppData\Roaming\.acestream
Deleted C:\Users\Petr\AppData\Roaming\AceWebExtension
Deleted C:\Users\Petr\AppData\Roaming\Seznam.cz
Deleted C:\Users\Petr\AppData\Roaming\acestream
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\_acestream_cache_

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Petr)
Deleted C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Petr).job

***** [ Registry ] *****

Deleted HKCU\Software\Classes\.acestream
Deleted HKCU\Software\Classes\acestream
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AceUpdater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SlimCleaner Plus
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\RegisteredApplications|AceStream
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\SlimWare Utilities Inc
Deleted HKLM\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.html\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.png\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe
Deleted HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DD02D59-6868-4EE0-BB7C-39C2CCA11409}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DD02D59-6868-4EE0-BB7C-39C2CCA11409}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SlimCleaner Plus (Scheduled Scan - Petr)
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{7DE8D128-6C86-44DA-B85E-03947E9E284D}C:\users\petr\appdata\roaming\acestream\engine\ace_engine.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{0511560C-593E-4A66-8EDF-15E83BF71532}C:\users\petr\appdata\roaming\acestream\engine\ace_engine.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C54C33DB-9022-4C2A-9107-C97F09AC7583}
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\SLIMWARE UTILITIES, INC.
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\\Clients\StartMenuInternet\Torch

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10655 octets] - [20/09/2022 10:02:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

OK. Dejte nové logy FRST+Addition.

[antonin1]

Já se hrozně omlouvám, že jsem to udělal tak zmateně. Já nejdříve začal očistou pomocí AdwCleaneru, jen jsem z něj sem nedal log. Ty logy z FRST jsou právě až po očistě, která nepomohla ke zrychlení počítače.

[Rudy]

OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll -> No File
SearchScopes: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002 -> DefaultScope {5BAF1D63-BD00-48A8-94DA-5B6D52CEDF7E} URL =
SearchScopes: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002 -> {5BAF1D63-BD00-48A8-94DA-5B6D52CEDF7E} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{7C94072F-2ABB-43B4-AFDC-E3534F1ED090}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{07E6AFFD-BB8E-49E0-B0C8-2E560C0DBF87}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{431E3882-20EB-4085-A7D6-01CBCC695AFF}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{B7775D15-993C-4BC3-9DEF-790DC8C3EFA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{ECC5EC78-402E-4298-9E24-6D574D2B4788}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{12DC8F66-421A-42A9-93D9-D2E96AB8623E}] => (Block) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [{764BDEC0-4CC7-47A5-B9E5-8B0B2BF36423}] => (Block) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [UDP Query User{8CDCB377-F7DD-42C8-BC19-06F2DEF63D2F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [TCP Query User{27CFE3A4-D234-46C4-9479-7AF7CBCD2697}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [{A8952209-01C4-4AC0-8180-442E1F3547CC}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{4A91828E-1FEE-40A7-96FA-7500E562E7FB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3E0E2712-8A80-4E95-8BE1-E12693D438C4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
FirewallRules: [{74FC5398-2B88-428C-AA82-2F336C02291D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
irewallRules: [{9AD083B5-9FE4-4639-A584-3DD6A60FA9E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{7414C87D-743D-4395-9D43-631FA9D84D5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [TCP Query User{42511B14-CE61-42E6-81C0-2599A0DC158B}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2514F2AF-44CC-4BE3-855F-37510E07ECFB}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe => No File
FirewallRules: [{8548E6DD-2887-40FE-89CD-183A44DC0761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{22F8D383-2E2A-408A-9FBE-5B076B9AFAA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{31D22B97-B955-44E7-838E-EB4D6F62C0AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{C30A6F23-AC51-4B03-85A5-FF20EB116656}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [{C60727B0-090C-4D39-B41E-F16C994650E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [TCP Query User{6F705696-2DAB-4632-86B0-5692F49F1ACA}C:\users\petr\downloads\odorik (1).exe] => (Block) C:\users\petr\downloads\odorik (1).exe => No File
FirewallRules: [UDP Query User{BC108EA6-2307-4296-A177-B34387545293}C:\users\petr\downloads\odorik (1).exe] => (Block) C:\users\petr\downloads\odorik (1).exe => No File
FirewallRules: [{EB98D9B8-BF16-4B78-B5E0-178ADB8A1DDB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe => No File
FirewallRules: [{69A2B420-978F-476B-8157-308960DA6172}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe => No File
FirewallRules: [TCP Query User{A66DB229-851B-42E1-833E-ADBFAF58E582}C:\games\the keep\the.keep\thekeep.exe] => (Block) C:\games\the keep\the.keep\thekeep.exe => No File
FirewallRules: [UDP Query User{3C375058-34C5-43F5-BA91-F13F2DE98F99}C:\games\the keep\the.keep\thekeep.exe] => (Block) C:\games\the keep\the.keep\thekeep.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\Run: [AceWebExtensionUpdater] => C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {08E95C2A-4142-4FAF-9901-CCBA6C4A07D4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {0B2215EB-7256-4574-B9ED-F5523A1DDD88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {12B4BAB1-DA0C-4A85-989E-301C4F4D70ED} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1EB1A6AD-AA48-4B3C-A666-49BDCD218C3F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {269D89D7-DE45-4C63-B453-1C2CC128A8BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {302E2EA6-12D8-4E98-A7FF-7B42338974EE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
ask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {383D12D7-CBA4-43A7-A678-6320D8A46F2A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {4A0962F2-81C7-4E94-ABCC-AB23315C8B15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5C1A614A-A05A-4A77-A24F-0DE1D98AB0D7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5CF69F32-8193-4DD2-B8DF-86F9EA3F0D9D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7D12392D-8FC4-4919-AD7A-69EAEC94E347} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {823068D3-FC3E-4461-96ED-60A5D6DA7A38} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {938E89E7-650D-4037-9266-10F737740451} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /analyze (No File)
Task: {9874F263-0137-4404-A063-15497FB5935A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A0948E38-7E14-41A9-A575-6DE0BB79BE73} - System32\Tasks\WindowsMediaSharing => C:\windows\wndsvr.exe (No File)
Task: {C1B7C598-3496-41A4-9454-5BB1417BF756} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAC0168A-C38E-453D-967E-95FB0C6C5825} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Users\Petr\AppData\Local\{30D4210C-5ED3-4CDE-BF01-C189DE53A9E2}

EmptyTemp:
End

Uložte do C:\Users\Petr\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[antonin1]

Moc děkuji! Zde je výsledný log z FRST:

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by Petr (20-09-2022 19:17:29) Run:1
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll -> No File
SearchScopes: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002 -> DefaultScope {5BAF1D63-BD00-48A8-94DA-5B6D52CEDF7E} URL =
SearchScopes: HKU\S-1-5-21-3879793939-1037263308-1146612629-1002 -> {5BAF1D63-BD00-48A8-94DA-5B6D52CEDF7E} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{7C94072F-2ABB-43B4-AFDC-E3534F1ED090}] => (Allow) C:\Users\Petr\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{07E6AFFD-BB8E-49E0-B0C8-2E560C0DBF87}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{431E3882-20EB-4085-A7D6-01CBCC695AFF}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe => No File
FirewallRules: [{B7775D15-993C-4BC3-9DEF-790DC8C3EFA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{ECC5EC78-402E-4298-9E24-6D574D2B4788}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe => No File
FirewallRules: [{12DC8F66-421A-42A9-93D9-D2E96AB8623E}] => (Block) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [{764BDEC0-4CC7-47A5-B9E5-8B0B2BF36423}] => (Block) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [UDP Query User{8CDCB377-F7DD-42C8-BC19-06F2DEF63D2F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [TCP Query User{27CFE3A4-D234-46C4-9479-7AF7CBCD2697}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe => No File
FirewallRules: [{A8952209-01C4-4AC0-8180-442E1F3547CC}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{4A91828E-1FEE-40A7-96FA-7500E562E7FB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3E0E2712-8A80-4E95-8BE1-E12693D438C4}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
FirewallRules: [{74FC5398-2B88-428C-AA82-2F336C02291D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File
irewallRules: [{9AD083B5-9FE4-4639-A584-3DD6A60FA9E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [{7414C87D-743D-4395-9D43-631FA9D84D5C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File
FirewallRules: [TCP Query User{42511B14-CE61-42E6-81C0-2599A0DC158B}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2514F2AF-44CC-4BE3-855F-37510E07ECFB}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Block) C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe => No File
FirewallRules: [{8548E6DD-2887-40FE-89CD-183A44DC0761}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{22F8D383-2E2A-408A-9FBE-5B076B9AFAA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{31D22B97-B955-44E7-838E-EB4D6F62C0AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{C30A6F23-AC51-4B03-85A5-FF20EB116656}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [{C60727B0-090C-4D39-B41E-F16C994650E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe => No File
FirewallRules: [TCP Query User{6F705696-2DAB-4632-86B0-5692F49F1ACA}C:\users\petr\downloads\odorik (1).exe] => (Block) C:\users\petr\downloads\odorik (1).exe => No File
FirewallRules: [UDP Query User{BC108EA6-2307-4296-A177-B34387545293}C:\users\petr\downloads\odorik (1).exe] => (Block) C:\users\petr\downloads\odorik (1).exe => No File
FirewallRules: [{EB98D9B8-BF16-4B78-B5E0-178ADB8A1DDB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe => No File
FirewallRules: [{69A2B420-978F-476B-8157-308960DA6172}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe => No File
FirewallRules: [TCP Query User{A66DB229-851B-42E1-833E-ADBFAF58E582}C:\games\the keep\the.keep\thekeep.exe] => (Block) C:\games\the keep\the.keep\thekeep.exe => No File
FirewallRules: [UDP Query User{3C375058-34C5-43F5-BA91-F13F2DE98F99}C:\games\the keep\the.keep\thekeep.exe] => (Block) C:\games\the keep\the.keep\thekeep.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\...\Run: [AceWebExtensionUpdater] => C:\Users\Petr\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {08E95C2A-4142-4FAF-9901-CCBA6C4A07D4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {0B2215EB-7256-4574-B9ED-F5523A1DDD88} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {12B4BAB1-DA0C-4A85-989E-301C4F4D70ED} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1EB1A6AD-AA48-4B3C-A666-49BDCD218C3F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {269D89D7-DE45-4C63-B453-1C2CC128A8BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {302E2EA6-12D8-4E98-A7FF-7B42338974EE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
ask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {383D12D7-CBA4-43A7-A678-6320D8A46F2A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (No File)
Task: {4A0962F2-81C7-4E94-ABCC-AB23315C8B15} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5C1A614A-A05A-4A77-A24F-0DE1D98AB0D7} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5CF69F32-8193-4DD2-B8DF-86F9EA3F0D9D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7D12392D-8FC4-4919-AD7A-69EAEC94E347} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {823068D3-FC3E-4461-96ED-60A5D6DA7A38} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {938E89E7-650D-4037-9266-10F737740451} - System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.20.4.57\SymErr.exe /analyze (No File)
Task: {9874F263-0137-4404-A063-15497FB5935A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A0948E38-7E14-41A9-A575-6DE0BB79BE73} - System32\Tasks\WindowsMediaSharing => C:\windows\wndsvr.exe (No File)
Task: {C1B7C598-3496-41A4-9454-5BB1417BF756} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAC0168A-C38E-453D-967E-95FB0C6C5825} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\Users\Petr\AppData\Local\{30D4210C-5ED3-4CDE-BF01-C189DE53A9E2}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => removed successfully
"HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5BAF1D63-BD00-48A8-94DA-5B6D52CEDF7E} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C94072F-2ABB-43B4-AFDC-E3534F1ED090}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07E6AFFD-BB8E-49E0-B0C8-2E560C0DBF87}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{431E3882-20EB-4085-A7D6-01CBCC695AFF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B7775D15-993C-4BC3-9DEF-790DC8C3EFA6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ECC5EC78-402E-4298-9E24-6D574D2B4788}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12DC8F66-421A-42A9-93D9-D2E96AB8623E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{764BDEC0-4CC7-47A5-B9E5-8B0B2BF36423}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8CDCB377-F7DD-42C8-BC19-06F2DEF63D2F}C:\program files (x86)\sopcast\sopcast.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{27CFE3A4-D234-46C4-9479-7AF7CBCD2697}C:\program files (x86)\sopcast\sopcast.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8952209-01C4-4AC0-8180-442E1F3547CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A91828E-1FEE-40A7-96FA-7500E562E7FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E0E2712-8A80-4E95-8BE1-E12693D438C4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{74FC5398-2B88-428C-AA82-2F336C02291D}" => removed successfully
irewallRules: [{9AD083B5-9FE4-4639-A584-3DD6A60FA9E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe => No File => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7414C87D-743D-4395-9D43-631FA9D84D5C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{42511B14-CE61-42E6-81C0-2599A0DC158B}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2514F2AF-44CC-4BE3-855F-37510E07ECFB}C:\program files (x86)\r.g. mechanics\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8548E6DD-2887-40FE-89CD-183A44DC0761}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{22F8D383-2E2A-408A-9FBE-5B076B9AFAA3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{31D22B97-B955-44E7-838E-EB4D6F62C0AA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C30A6F23-AC51-4B03-85A5-FF20EB116656}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C60727B0-090C-4D39-B41E-F16C994650E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6F705696-2DAB-4632-86B0-5692F49F1ACA}C:\users\petr\downloads\odorik (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BC108EA6-2307-4296-A177-B34387545293}C:\users\petr\downloads\odorik (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB98D9B8-BF16-4B78-B5E0-178ADB8A1DDB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69A2B420-978F-476B-8157-308960DA6172}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A66DB229-851B-42E1-833E-ADBFAF58E582}C:\games\the keep\the.keep\thekeep.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3C375058-34C5-43F5-BA91-F13F2DE98F99}C:\games\the keep\the.keep\thekeep.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
"HKU\S-1-5-21-3879793939-1037263308-1146612629-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AceWebExtensionUpdater" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08E95C2A-4142-4FAF-9901-CCBA6C4A07D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08E95C2A-4142-4FAF-9901-CCBA6C4A07D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B2215EB-7256-4574-B9ED-F5523A1DDD88}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B2215EB-7256-4574-B9ED-F5523A1DDD88}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12B4BAB1-DA0C-4A85-989E-301C4F4D70ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12B4BAB1-DA0C-4A85-989E-301C4F4D70ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EB1A6AD-AA48-4B3C-A666-49BDCD218C3F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EB1A6AD-AA48-4B3C-A666-49BDCD218C3F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{269D89D7-DE45-4C63-B453-1C2CC128A8BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{269D89D7-DE45-4C63-B453-1C2CC128A8BA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{302E2EA6-12D8-4E98-A7FF-7B42338974EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{302E2EA6-12D8-4E98-A7FF-7B42338974EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
ask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{383D12D7-CBA4-43A7-A678-6320D8A46F2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{383D12D7-CBA4-43A7-A678-6320D8A46F2A}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Customer Feedback Program => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A0962F2-81C7-4E94-ABCC-AB23315C8B15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A0962F2-81C7-4E94-ABCC-AB23315C8B15}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C1A614A-A05A-4A77-A24F-0DE1D98AB0D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C1A614A-A05A-4A77-A24F-0DE1D98AB0D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF69F32-8193-4DD2-B8DF-86F9EA3F0D9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF69F32-8193-4DD2-B8DF-86F9EA3F0D9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7D12392D-8FC4-4919-AD7A-69EAEC94E347}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D12392D-8FC4-4919-AD7A-69EAEC94E347}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{823068D3-FC3E-4461-96ED-60A5D6DA7A38}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{823068D3-FC3E-4461-96ED-60A5D6DA7A38}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{938E89E7-650D-4037-9266-10F737740451}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{938E89E7-650D-4037-9266-10F737740451}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Security with Backup\Norton Security Error Analyzer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security with Backup\Norton Security Error Analyzer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9874F263-0137-4404-A063-15497FB5935A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9874F263-0137-4404-A063-15497FB5935A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0948E38-7E14-41A9-A575-6DE0BB79BE73}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0948E38-7E14-41A9-A575-6DE0BB79BE73}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsMediaSharing => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsMediaSharing" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1B7C598-3496-41A4-9454-5BB1417BF756}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1B7C598-3496-41A4-9454-5BB1417BF756}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAC0168A-C38E-453D-967E-95FB0C6C5825}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAC0168A-C38E-453D-967E-95FB0C6C5825}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64 35" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Petr\AppData\Local\{30D4210C-5ED3-4CDE-BF01-C189DE53A9E2} => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 645380261 B
Java, Discord, Steam htmlcache => 16700045 B
Windows/system/drivers => 2168662 B
Edge => 4996081 B
Chrome => 382954937 B
Firefox => 244034151 B
Opera => 261121007 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 474760 B
NetworkService => 231011132 B
Petr => 253767697 B

RecycleBin => 8261091314 B
EmptyTemp: => 9.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 20-09-2022 19:26:44)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 19:26:46 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[antonin1]

Určité zlepšení tam je, díky moc, ale kupříkladu po restartu dlouho běží SysMain, což hodně zatěžuje disk (běží pak třeba 20 minut na 50%).

[Rudy]

Zkuste ještě defragmentovat disk.

[antonin1]

Počítač už je znovu použitelný. Moc děkuji za pomoc!

[Rudy]

Rádo se stalo!