Prestal fungovat internet na laptopu

[androidx]

Dobrý den,
dnes při používání laptopu, aplikaci mozila firefox, zničeho nic se zpomalil internet až najednou nešel vůbec. To se odehrálo v rozmezí 5 minut. Jsem připojen přes wifi na router. 192.168.0.1. kdž zadám tak vidím router, můžu se do něj i dostat. V příkazovém řádku když dám ping www.google.com tak není odezva. A ještě co sem si všiml tak na ploše v pravém dolním rohu je neviditelný čtverec na který se nedá zmáčknout, ale objeví se jen po připojení na wifi na router. Zkousil jsem se připojit na wifi přes hotspot přes telefon a internet funguje a čtverec na ploše není. Napadá mě virus? Nevím. přikládám Log z FRST.
Děkuji za pomoc. Karel

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by AndroiD (administrator) on ANDROID (LENOVO 82JU) (05-10-2024 19:38:41)
Running from C:\Users\AndroiD\OneDrive\Desktop\FRST64.exe
Loaded Profiles: AndroiD
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4894 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(A-Volute SAS -> A-Volute) C:\Users\AndroiD\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\FnHotkeyUtility.exe
(DriverStore\FileRepository\u0369673.inf_amd64_58833994acffc9ae\B369681\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0369673.inf_amd64_58833994acffc9ae\B369681\atieclxx.exe
(explorer.exe ->) (MobiSystems, Inc. -> MobiSystems Inc.) C:\Program Files\MobiSystems\OfficeSuite\MobiSystemsUpdate.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0369673.inf_amd64_58833994acffc9ae\B369681\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (eVenture Limited -> eVenture Limited) C:\Program Files (x86)\hide.me VPN\hidemesvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_8a5f4454d3faac1c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe <2>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_74518f403e753586\RtkAudUService64.exe [1219312 2020-12-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [OfficeSuite] => C:\Program Files\MobiSystems\OfficeSuite\MobiSystemsUpdate.exe [349048 2023-12-21] (MobiSystems, Inc. -> MobiSystems Inc.)
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Run: [utweb] => C:\Users\AndroiD\AppData\Roaming\uTorrent Web\utweb.exe [6415008 2022-11-17] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Run: [MicrosoftEdgeAutoLaunch_BA7CFA65D92143A08B855CE33E82AC75] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3795008 2024-10-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\MountPoints2: D - "D:\Autorun.exe"
HKLM\Software\...\AppCompatFlags\Custom\Battlegrounds.exe: [{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb] -> STAR WARS - Galactic Battlegrounds Saga
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb [2022-11-12]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-29] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AD261A8-277E-49FD-8629-AFCC19249D55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {5AC2134A-C828-4340-ADB6-00E0B6029489} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {73C5A2AE-E9D9-4A39-B343-153392348C50} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "246385b8-e49e-4961-ad0a-0e853645ec6f" --version "6.11.10455" --silent
Task: {9EA7C6FB-C35D-439E-82EE-DA73AFA963A2} - System32\Tasks\CCleanerSkipUAC - AndroiD => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FB2F3E7C-2A87-459E-9358-F75E645F1C23} - System32\Tasks\GoogleUpdateTaskMachineCore => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c (No File)
Task: {C0F1C45E-CFCA-4677-8A21-C2F407395BAC} - System32\Tasks\GoogleUpdateTaskMachineUA => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler (No File)
Task: {B8FDF5F8-8665-424C-8D56-648B7060DA43} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {D5F3B806-609B-4726-BFE1-F862F2BD1468} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {95005BEA-8227-4B2E-959B-A57CF4271E42} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\Windows\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {D7D2F26A-1518-49C6-B4ED-A7872230F9F6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\30e8a8a6-9acb-4987-b32a-e87c089e7dad => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {1055A220-3F99-4B61-90B9-FB0C361B7958} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\549b68d8-2803-460d-8bbf-4c11271e6a73 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {B52B83E4-AC8F-4764-9D89-107060C733B2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5998ad3f-2713-4d64-b79a-ee2514cf3bb6 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {C6226B7E-0BF6-46C5-8922-5E614305B707} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\61e9326d-ff81-4751-b04b-274c010b8efb => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {AB0A5A55-6D73-4D42-B9B8-492B55AE38B7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a8485f06-4572-4270-b060-12dd6386b6c7 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {15F75D19-67CD-4BAD-B5AF-611328EDC801} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1254691839-1519622889-3421833155-1001 => C:\Users\AndroiD\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {D8C9C6AE-98F8-42CF-B3AF-C7F6E4B48BAB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F12E27D-A576-4B9F-A278-B8A196BA0867} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D8152C79-126B-4A2F-8BF2-03306A8D5BC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2942B3EB-3713-446D-B8F7-0F66E0F63EDB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB59FAC1-3625-479D-920C-25B38D617C38} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-10-03] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {E868F29F-C854-44C0-96D3-5810A420EA47} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1254691839-1519622889-3421833155-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [672328 2024-10-03] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {3C35CE87-3886-4E09-8767-E8AEB34C4C8D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34376 2024-10-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {EAE726C0-478F-4126-A98F-0E349CE3285E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {D30DA40A-61EB-4796-B957-7C47AF2AC00F} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1254691839-1519622889-3421833155-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-10-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{10d88d79-9758-4873-8865-cb6ff8f1ea6f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{10d88d79-9758-4873-8865-cb6ff8f1ea6f}: [DhcpDomain] home
Tcpip\..\Interfaces\{10d88d79-9758-4873-8865-cb6ff8f1ea6f}\B4162756C6: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{10d88d79-9758-4873-8865-cb6ff8f1ea6f}\C45687963702F46666963656027596D26496: [DhcpNameServer] 192.168.20.1 8.8.4.4
Tcpip\..\Interfaces\{10d88d79-9758-4873-8865-cb6ff8f1ea6f}\D49636861656C61602822392: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{3f45eec1-b7bf-4c34-9905-78a4aa15ad95}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{3f45eec1-b7bf-4c34-9905-78a4aa15ad95}\F405455535F5143323541443D4: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3f45eec1-b7bf-4c34-9905-78a4aa15ad95}\F405455535F5143323541443D4: [DhcpDomain] home
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}: [DhcpDomain] gateway
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}\7427567691023702960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}\75966496D2436364548314: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}\845514755494D22423336383D2145443247354: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}\845514755494D22423336383D2145443247354: [DhcpDomain] home
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}\B4162756C6: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{bf11cd1e-900a-4239-9986-88d688cdf928}\B4162756C696C6969696: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{da512570-b3d2-479b-9c51-11bafe17c20f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{da512570-b3d2-479b-9c51-11bafe17c20f}: [DhcpDomain] gateway
Tcpip\..\Interfaces\{da512570-b3d2-479b-9c51-11bafe17c20f}\2456C6F6E6762554746443555425: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{da512570-b3d2-479b-9c51-11bafe17c20f}\2456C6F6E6762554746443555425: [DhcpDomain] gateway
Tcpip\..\Interfaces\{da512570-b3d2-479b-9c51-11bafe17c20f}\B4162756C6: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Profile: C:\Users\AndroiD\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-31]
Edge Extension: (Dokumenty Google offline) - C:\Users\AndroiD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-12]
Edge Extension: (Edge relevant text changes) - C:\Users\AndroiD\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF DefaultProfile: 224dws9n.default
FF ProfilePath: C:\Users\AndroiD\AppData\Roaming\Mozilla\Firefox\Profiles\224dws9n.default [2021-10-26]
FF ProfilePath: C:\Users\AndroiD\AppData\Roaming\Mozilla\Firefox\Profiles\paduscp3.default-release [2024-10-05]
FF Session Restore: Mozilla\Firefox\Profiles\paduscp3.default-release -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\paduscp3.default-release -> hxxps://www.spektrumzdravi.cz; hxxps://www.facebook.com; hxxps://www.pathofexile.com
FF Extension: (Activist – Balanced) - C:\Users\AndroiD\AppData\Roaming\Mozilla\Firefox\Profiles\paduscp3.default-release\Extensions\activist-balanced-colorway@mozilla.org.xpi [2023-03-18]
FF Extension: (BetterTTV) - C:\Users\AndroiD\AppData\Roaming\Mozilla\Firefox\Profiles\paduscp3.default-release\Extensions\firefox@betterttv.net.xpi [2024-09-05]
FF Extension: (Google Translator for Firefox) - C:\Users\AndroiD\AppData\Roaming\Mozilla\Firefox\Profiles\paduscp3.default-release\Extensions\translator@zoli.bod.xpi [2024-04-26]
FF Extension: (Watch2Gether) - C:\Users\AndroiD\AppData\Roaming\Mozilla\Firefox\Profiles\paduscp3.default-release\Extensions\{6ea0a676-b3ef-48aa-b23d-24c8876945fb}.xpi [2024-08-21]
FF Extension: (No Name) - C:\Users\AndroiD\AppData\Roaming\Mozilla\Firefox\Profiles\paduscp3.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-10-03]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\AndroiD\AppData\Local\Google\Chrome\User Data\Default [2024-08-15]
CHR Extension: (Watch2Gether Twitch) - C:\Users\AndroiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmdjkfdmjjjigkmfammiieghajelniii [2023-07-05]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\AndroiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-08-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\AndroiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\AndroiD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-02]
CHR HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2573448 2024-09-27] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 Bonjour Service; C:\Program Files\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2021-09-09] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063736 2023-04-27] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1134624 2022-06-19] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-02] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncHelper.exe [3522976 2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\hidemesvc.exe [177936 2022-11-21] (eVenture Limited -> eVenture Limited)
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_1f1bd4b8a7603166\LenovoUtilityService.exe [178656 2024-08-21] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1633288 2020-12-10] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_8a5f4454d3faac1c\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.180.0905.0001\OneDriveUpdaterService.exe [3864496 2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530488 2024-09-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\94e69ca4dbae2a26988c9b20ff32516194079459\smrtsvc64.exe [13959408 2024-05-28] (LAB RIVAS SL -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 hideFirewall; C:\Windows\System32\drivers\hideFirewall.sys [100352 2021-10-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 MpKsl944315f3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E0EC684D-55B1-4D27-BFA9-6804BAA3C12E}\MpKslDrv.sys [267552 2024-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [235016 2024-04-12] (NVIDIA Corporation -> NVIDIA Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-30] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602392 2024-09-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-18] (Microsoft Windows -> Microsoft Corporation)
R1 WinRing0_1_2_0; C:\Program Files (x86)\NoteBook FanControl\WinRing0x64.sys [14544 2022-01-22] (Noriyuki MIYAZAKI -> OpenLibSys.org)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-07-05] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X] <==== ATTENTION
S3 LFCRW; \??\C:\Program Files (x86)\LegionFanControl\RwDrv.sys [X]
S3 PRProt; \??\C:\Users\AndroiD\AppData\Local\Temp\ActiveAnticheat\1223619\active64.sys [X] <==== ATTENTION
S3 rwdrv; \??\C:\Program Files (x86)\LegionFanControl\rwdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-05 19:38 - 2024-10-05 19:39 - 000025170 _____ C:\Users\AndroiD\OneDrive\Desktop\FRST.txt
2024-10-05 19:38 - 2024-10-05 19:38 - 000000000 ____D C:\FRST
2024-10-05 19:37 - 2024-10-05 19:38 - 002397696 _____ (Farbar) C:\Users\AndroiD\OneDrive\Desktop\FRST64.exe
2024-10-05 18:50 - 2024-10-05 18:50 - 000001200 _____ C:\Windows\storelibdebug.txt
2024-10-03 18:55 - 2024-10-03 18:55 - 000501285 _____ C:\Users\AndroiD\Downloads\Offer Confirmation Letter.pdf
2024-10-03 18:55 - 2024-10-03 18:55 - 000008305 _____ C:\Users\AndroiD\Downloads\Account confirmation-1.pdf
2024-10-03 18:44 - 2024-10-03 18:44 - 000095817 _____ C:\Users\AndroiD\Downloads\Medicare Kroufkova.pdf
2024-10-03 18:38 - 2024-10-03 18:38 - 000082013 _____ C:\Users\AndroiD\Downloads\Medicare.pdf
2024-09-26 20:22 - 2024-09-26 20:22 - 000321926 _____ C:\Users\AndroiD\Downloads\state_formsQLDpermanent_transfer_of_tc.pdf
2024-09-23 17:28 - 2024-09-23 17:28 - 000214667 _____ C:\Users\AndroiD\Downloads\Sales Quote_SQ-00006059_2024.09.23_14.59.58.PDF
2024-09-12 18:59 - 2024-09-12 18:59 - 000000000 ___HD C:\$WinREAgent
2024-09-10 19:44 - 2024-09-10 19:44 - 000008462 _____ C:\Users\AndroiD\Downloads\Balance confirmation.pdf
2024-09-10 19:42 - 2024-09-10 19:42 - 000168425 _____ C:\Users\AndroiD\Downloads\paySlip-5.pdf
2024-09-10 19:42 - 2024-09-10 19:42 - 000168369 _____ C:\Users\AndroiD\Downloads\paySlip-3.pdf
2024-09-10 19:42 - 2024-09-10 19:42 - 000168358 _____ C:\Users\AndroiD\Downloads\paySlip-4.pdf
2024-09-10 19:39 - 2024-09-10 19:40 - 000008310 _____ C:\Users\AndroiD\Downloads\Account confirmation.pdf
2024-09-10 18:56 - 2024-09-10 18:56 - 000254218 _____ C:\Users\AndroiD\Downloads\Application new home-1.pdf
2024-09-10 18:56 - 2024-09-10 18:56 - 000034811 _____ C:\Users\AndroiD\Downloads\landlord letter-1.pdf
2024-09-10 18:56 - 2024-09-10 18:56 - 000020028 _____ C:\Users\AndroiD\Downloads\about us-1.pdf
2024-09-08 13:17 - 2024-09-08 13:17 - 000000000 ____D C:\Users\AndroiD\Downloads\TAESC_GOLD_9_9_8_FULL
2024-09-08 13:14 - 2024-09-08 13:15 - 317014646 _____ C:\Users\AndroiD\Downloads\TAESC_GOLD_9_9_8_FULL.rar

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-10-05 19:34 - 2022-04-11 18:40 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-10-05 19:25 - 2021-09-23 04:49 - 000000000 ____D C:\Users\AndroiD\AppData\Local\ElevatedDiagnostics
2024-10-05 19:24 - 2021-06-30 17:15 - 000000000 ____D C:\Windows\TempInst
2024-10-05 19:24 - 2021-06-30 17:11 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2024-10-05 19:24 - 2021-06-30 17:11 - 000000000 ____D C:\Users\AndroiD\AppData\Local\Lenovo
2024-10-05 19:24 - 2021-06-30 17:11 - 000000000 ____D C:\ProgramData\Lenovo
2024-10-05 19:24 - 2021-06-30 17:11 - 000000000 ____D C:\Program Files (x86)\Lenovo
2024-10-05 19:24 - 2019-12-07 19:03 - 000000000 ____D C:\Windows\CbsTemp
2024-10-05 19:23 - 2023-04-21 16:58 - 000001099 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2024-10-05 19:23 - 2023-04-13 16:25 - 000000000 ____D C:\Windows\system32\Tasks\TVT
2024-10-05 19:23 - 2021-07-01 06:26 - 000000000 ____D C:\Users\AndroiD\AppData\LocalLow\Lenovo
2024-10-05 19:23 - 2021-06-30 22:07 - 000000000 ____D C:\Users\AndroiD\AppData\Local\Packages
2024-10-05 19:23 - 2019-12-07 19:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-05 19:23 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\AppReadiness
2024-10-05 19:22 - 2022-02-11 17:27 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-10-05 19:20 - 2021-06-30 16:27 - 000000000 ____D C:\ProgramData\NVIDIA
2024-10-05 19:18 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\system32\NDF
2024-10-05 18:50 - 2021-06-30 16:42 - 000000000 ____D C:\Users\AndroiD\AppData\Local\D3DSCache
2024-10-05 18:37 - 2021-06-30 22:08 - 001693712 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-05 18:37 - 2019-12-08 00:43 - 000718160 _____ C:\Windows\system32\perfh005.dat
2024-10-05 18:37 - 2019-12-08 00:43 - 000145302 _____ C:\Windows\system32\perfc005.dat
2024-10-05 18:37 - 2019-12-07 19:13 - 000000000 ____D C:\Windows\INF
2024-10-05 18:30 - 2022-04-11 18:40 - 000000000 ____D C:\Program Files\CCleaner
2024-10-05 18:30 - 2021-12-18 23:09 - 000000000 ____D C:\Windows\SystemTemp
2024-10-05 18:30 - 2021-06-30 22:02 - 000008192 ___SH C:\DumpStack.log.tmp
2024-10-05 18:30 - 2021-06-30 22:02 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-05 18:30 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\ServiceState
2024-10-05 18:27 - 2019-12-07 19:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-10-05 18:21 - 2024-07-08 17:36 - 000000000 ____D C:\Users\AndroiD\AppData\Local\Battle.net
2024-10-05 18:13 - 2021-06-30 22:02 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-05 18:11 - 2024-07-08 17:37 - 000000000 ____D C:\Program Files (x86)\Warcraft III
2024-10-05 18:11 - 2024-07-08 17:06 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-10-05 18:09 - 2021-06-30 22:02 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-05 17:34 - 2023-03-26 14:53 - 000000000 ____D C:\Users\AndroiD\AppData\Roaming\Beyond-All-Reason
2024-10-04 21:13 - 2022-05-13 15:06 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-10-04 21:13 - 2022-05-13 15:06 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-10-04 21:13 - 2022-05-13 15:06 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-10-04 21:13 - 2021-12-11 20:40 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1254691839-1519622889-3421833155-1001
2024-10-03 20:16 - 2021-10-26 06:57 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-10-03 20:16 - 2021-10-26 06:57 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-10-03 20:16 - 2021-10-26 06:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-10-03 20:15 - 2022-08-22 09:05 - 000000000 ____D C:\Users\AndroiD\AppData\Roaming\awakened-poe-trade
2024-10-02 16:22 - 2023-11-03 15:43 - 000010357 _____ C:\Users\AndroiD\OneDrive\Desktop\Wayne pujcka.xlsx
2024-09-30 21:22 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-09-28 17:49 - 2021-06-30 22:02 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-28 17:49 - 2021-06-30 22:02 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-18 18:22 - 2021-06-30 22:02 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-09-14 21:55 - 2021-06-30 16:45 - 000000000 ____D C:\Program Files (x86)\Steam
2024-09-14 16:59 - 2021-06-30 16:46 - 000000000 ____D C:\Users\AndroiD\AppData\Local\Steam
2024-09-13 22:51 - 2021-06-30 22:02 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2024-09-13 22:51 - 2019-12-08 00:47 - 000000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2024-09-13 22:51 - 2019-12-08 00:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\SystemResources
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\system32\oobe
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\system32\Dism
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-09-13 22:51 - 2019-12-07 19:14 - 000000000 ____D C:\Windows\bcastdvr
2024-09-12 19:04 - 2021-06-30 22:06 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-09-12 18:55 - 2021-07-03 22:41 - 000000000 ____D C:\Windows\system32\MRT
2024-09-12 18:54 - 2021-07-03 22:41 - 199688632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-09-12 18:45 - 2022-09-14 15:39 - 000000000 ____D C:\Users\AndroiD\AppData\Roaming\com.adobe.dunamis
2024-09-12 18:45 - 2022-05-22 08:05 - 000000000 ____D C:\Users\AndroiD\AppData\Local\Adobe
2024-09-12 18:45 - 2021-06-30 22:07 - 000000000 ____D C:\Users\AndroiD\AppData\Roaming\Adobe
2024-09-11 20:38 - 2022-10-12 21:11 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-09-11 20:38 - 2022-05-22 08:13 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories ========

2023-06-22 13:22 - 2023-06-22 13:22 - 000007590 _____ () C:\Users\AndroiD\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by AndroiD (05-10-2024 19:39:47)
Running from C:\Users\AndroiD\OneDrive\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4894 (X64) (2021-06-30 12:04:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1254691839-1519622889-3421833155-500 - Administrator - Disabled)
AndroiD (S-1-5-21-1254691839-1519622889-3421833155-1001 - Administrator - Enabled) => C:\Users\AndroiD
DefaultAccount (S-1-5-21-1254691839-1519622889-3421833155-503 - Limited - Disabled)
Guest (S-1-5-21-1254691839-1519622889-3421833155-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1254691839-1519622889-3421833155-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.003.20112 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AutoHotkey 1.1.34.03 (HKLM\...\AutoHotkey) (Version: 1.1.34.03 - Lexikos)
Awakened PoE Trade 3.25.102 (HKLM\...\2ea281da-028b-5d55-b26e-53163c89344a) (Version: 3.25.102 - Alexander Drozdov)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beyond-All-Reason 1.2988.0 (HKLM\...\a5671b31-085d-5fba-830a-66a891c6a4a4) (Version: 1.2988.0 - BAR Team)
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Empire Earth (HKLM-x32\...\InstallShield_{65B09E79-0187-4813-8258-03991132E5A5}) (Version: 2.0.0.0 - Název společnosti:)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
GameRanger (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2023.6.29.12 - PandoraTV)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Lenovo Service Bridge (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.17 - Lenovo)
Microsoft .NET Host - 5.0.9 (x64) (HKLM\...\{8313C056-53A4-4845-B03E-5C27165DC2F1}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.9 (x64) (HKLM\...\{AB193EEE-76AF-43D3-BFC1-823EE43D7738}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.9 (x64) (HKLM\...\{D55E73D8-86EB-4FC3-A957-54616AA3D961}) (Version: 40.36.30309 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.79 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.180.0905.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30135 (HKLM\...\{34DB4181-0770-4B5A-B561-68758A077B0F}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30135 (HKLM\...\{40118CD9-A805-400C-864E-041A5B5C01B0}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.9 (x64) (HKLM\...\{D9A03C1C-D245-4579-B4DC-0BB2BC87E6E7}) (Version: 40.36.30315 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.9 (x64) (HKLM-x32\...\{70502eec-6d06-46ce-8acb-84c9d5248a12}) (Version: 5.0.9.30315 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 131.0 (x64 cs)) (Version: 131.0 - Mozilla)
NoteBook FanControl (HKLM-x32\...\{6ccab7ac-feb0-4395-97e3-75cd6f6c407b}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (HKLM-x32\...\{C027E819-C64C-443E-B6D5-755FE4A7A925}) (Version: 1.6.3.0 - Stefan Hirschmann - StagWare) Hidden
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 552.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 552.22 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OfficeSuite (HKLM\...\{D44199BA-39C5-4897-BC38-457C8B5E1660}) (Version: 8.10.53804.0 - MobiSystems) Hidden
OfficeSuite (HKLM-x32\...\{68c794e9-9e31-40fc-99ff-8b2e28e93dd5}) (Version: 6.40.44466 - MobiSystems)
Path of Building Community (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Path of Building Community) (Version: 2.16.0 - Path of Building Community)
Path of Exile (HKLM-x32\...\{5418f041-e1ab-4ac1-9713-da5c4a3e2671}) (Version: 3.18.0.64788 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.18.0.64788 - Grinding Gear Games) Hidden
Pharaoh Gold Bundle (HKLM-x32\...\Pharaoh Gold Bundle_is1) (Version: - GOG.com)
PowerISO (HKLM-x32\...\PowerISO) (Version: 8.1 - Power Software Ltd)
Reborn Application (HKLM-x32\...\{17A4F85A-1219-4143-A0D6-E9EBC6084064}) (Version: 1.0.0.1 - l2reborn.org)
SmartGuard Anti-Cheat (HKLM\...\SmartGuardAntiCheat) (Version: - )
STAR WARS - Galactic Battlegrounds Saga (HKLM\...\{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb) (Version: - )
Star Wars Galactic Battlegrounds All-In-One Patch (HKLM-x32\...\{9A2E0F8A-8388-419F-880E-AB300284BF2E}_is1) (Version: 3.0 - Carborunda)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TA Forever Client 1.4.3-taf-0.14.8 (HKLM\...\1364-9624-6962-8970) (Version: 1.4.3-taf-0.14.8 - TA Forever)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\utweb) (Version: 1.3.0 - Rainberry, Inc.)
W3Champions (HKLM\...\{AB2F1D52-07F7-4B34-AFDC-C0C22A2E6D27}) (Version: 1.4.28 - w3champions)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Wargaming.net Game Center (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\Wargaming.net Game Center) (Version: 21.9.0.7903 - Wargaming.net)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\ZoomUMX) (Version: 5.14.7 (15877) - Zoom Video Communications, Inc.)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-20] ()
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.40028.0_x64__0a9344xs7nr4m [2024-05-24] (Advanced Micro Devices Inc.) [Startup Task]
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-06-25] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2023-06-25] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-25] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.22.240.0_x64__dt26b99r8h8gj [2021-06-30] (Realtek Semiconductor Corp)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-08-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1254691839-1519622889-3421833155-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1254691839-1519622889-3421833155-1001_Classes\CLSID\{2fd1b642-ca5d-4583-bccf-12ef694a9d59}\localserver32 -> C:\Program Files\MobiSystems\OfficeSuite\MobiSystemsUpdate.exe (MobiSystems, Inc. -> MobiSystems Inc.)
CustomCLSID: HKU\S-1-5-21-1254691839-1519622889-3421833155-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1254691839-1519622889-3421833155-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\AndroiD\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.180.0905.0001\FileSyncShell64.dll [2024-10-04] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-07-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_8a5f4454d3faac1c\nvshext.dll [2024-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2021-11-04] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-08-10 18:02 - 2024-08-10 18:02 - 000012800 _____ () [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DesktopBrid77d54e93#\e1f3bdfd95207a1e2b45b0fd00e3390f\DesktopBridge.Helpers.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000038400 _____ (App vNext) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Polly.Contr7b804084#\077f424ed4b18097cf30be2e1dd0d741\Polly.Contrib.WaitAndRetry.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 002086912 _____ (App vNext) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Polly\4dd3ff70e390f7e0d37d6b5c32427c08\Polly.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000367104 _____ (Brian Lagunas;Dan Siegel) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Prism\e53b203404e8413b49d9efef0331ba40\Prism.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 002516480 _____ (Google Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Google.Protobuf\42e4dc8eee531b949251471c44dfb9e8\Google.Protobuf.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 001160192 _____ (hxxps://github.com/ControlzEx/ControlzEx) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ControlzEx\e7c638155b1e2e6b58511e91b22e49b9\ControlzEx.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 004691968 _____ (hxxps://github.com/fluentribbon/Fluent.Ribbon) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fluent\38e4e667d4100afc719f2017bf15dace\Fluent.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 001769472 _____ (hxxps://system.data.sqlite.org/) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data.SQLite\9cb50dbb76bc9a19fe48a72176b9b807\System.Data.SQLite.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 006736896 _____ (MahApps) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MahApps.Metro\70e07ab49b5de89cd90487f428afc138\MahApps.Metro.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000031744 _____ (Microsoft.Practices.ServiceLocation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CommonServiceLocator\50aa749b540d8e6c3075bd823e79b742\CommonServiceLocator.ni.dll
2024-08-10 18:03 - 2024-08-10 18:03 - 000641024 _____ (Microsoft.Toolkit) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.T417b639d#\3a1bcc4ecfd5fa7a80cc0bbfe7e449a5\Microsoft.Toolkit.Uwp.Notifications.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000086016 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CrashReportingApi\ab566051cf82ff37033328a944021c24\CrashReportingApi.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000354304 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CSharpAnaly7c7d34d8#\d0eeac6c67903cf434d128bd1bdacfc2\CSharpAnalytics.Net45.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 001113088 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Firebase.Cl4a05d677#\3721edebe17ab1773a02f30317b99bd8\Firebase.Cloud.Messaging.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000044544 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems.Core\c01367f2fc01522684bd5472e91510f8\MobiSystems.Core.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000026112 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems.Logging\fb326991546600375bf5bea3f00bf0d3\MobiSystems.Logging.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000011776 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems.Modules\7154c618607d7dec1f935c194833929e\MobiSystems.Modules.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000377856 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems.Windows\3111b09345e1f7a3a1958f1e9fb8d2e5\MobiSystems.Windows.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 001305600 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems.Wpf\7ce9796290b20fd2318b575747f8a067\MobiSystems.Wpf.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000252928 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems\c121053b4d76f5b1ad8eb500cc1fdc2f\MobiSystems.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000094208 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems46a703f4#\23370fb0433860f8d13636dbd7a78fcc\MobiSystems.Telemetry.SentryIO.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000013824 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems6e167680#\17ebf3804824cee9f282055c28d7cb43\MobiSystems.Core.Contracts.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000663040 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems8b351980#\b64f80f45fbd60b3bee3ed072395f2a9\MobiSystems.LocalStorage.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000035328 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystems90cb3f7b#\573b398588be5cd2c67e0769af070140\MobiSystems.Telemetry.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000097792 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Mobisystems9557b230#\7767082851839e98ad07a203d9b264e8\Mobisystems.GA4Analytics.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 001031168 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystemsb84b55ef#\2ba6f7f4b6af5f900a09a659c7d9fafe\MobiSystems.Wpf.Controls.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000586752 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MobiSystemsf4d845a4#\40d08550bacfcd20cda5e5ad067aa7d6\MobiSystems.Configuration.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000262656 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NativeWrappers\e5008761956ceb5c33581fa7e6fe113f\NativeWrappers.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000478208 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NetSparkle.Net40\8d24d3d7905f3ccc9a5fd0266ae1cd34\NetSparkle.Net40.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000172544 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuite\b5a7f6dbc8242a44f7beeafd0810bdb3\OfficeSuite.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000040448 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuite26cd73cd#\6b3a5be67889aa8c763adadfa4adde85\OfficeSuite.DependencyInjection.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000227328 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuite3b53fe1e#\a145044ee4a68c8c95965ec2c10b558a\OfficeSuite.Translation.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 031709184 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuite3d26a956#\12c2e81dfaf650b85bc830a8ea80e0cb\OfficeSuite.Localization.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 000094720 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuite9949e849#\fe5603e6132628d4a88e1c9cb3166870\OfficeSuite.AIAssistant.ni.dll
2024-08-10 18:03 - 2024-08-10 18:03 - 000034816 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuite9e0a3e8b#\1830b3e54a61c7379405df040775ff29\OfficeSuite.DependencyInjection.UnityAdapter.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000707072 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuitea61c0e55#\ba106c35eade0e2a7a7e9fa49f689bc0\OfficeSuite.MSConnect.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000696832 _____ (MobiSystems Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\OfficeSuitec80392d4#\186ade1021f9d2f554e6e2a09db3915f\OfficeSuite.TagManager.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 001619456 _____ (Sentry.io) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Sentry\5bdae4f9753dd717d586e58502d090b4\Sentry.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 006905344 _____ (Telerik AD) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Telerik.Win0593e0a6#\a99289e69d934542e2d665a75a43baa7\Telerik.Windows.Controls.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 002674176 _____ (Telerik AD) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Telerik.Win3c69a4be#\3d9787325c9c0cd96d89048faf88ed80\Telerik.Windows.Controls.Input.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 002125824 _____ (Telerik AD) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Telerik.Win7ffc145f#\632560698330f5641bb440ec17fb2b69\Telerik.Windows.Controls.RibbonView.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 004745216 _____ (Telerik AD) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Telerik.Win8d90dfc2#\f89169685d0b85e831b990f7142e032e\Telerik.Windows.Controls.Navigation.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 002497536 _____ (Telerik AD) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Telerik.Windows.Data\287cd6390866ebf6eda16242bae1d6f4\Telerik.Windows.Data.ni.dll
2024-08-10 18:01 - 2024-08-10 18:01 - 000931840 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\log4net\c0956b1a438bc23d8be7d08c27b53f2f\log4net.ni.dll
2024-08-10 18:02 - 2024-08-10 18:02 - 009783808 _____ (The Legion of the Bouncy Castle Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\BouncyCastle.Crypto\7e121878ffeeee56ddaac7c39b978783\BouncyCastle.Crypto.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3096]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 19:14 - 2019-12-07 19:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\AndroiD\Downloads\stažený soubor.jfif
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Realtek RTL8852AE WiFi 6 802.11ax PCIe Adapter -> rtwlane6.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_BA7CFA65D92143A08B855CE33E82AC75"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{374BA120-47FE-4A55-B016-85650E55D3A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0047BA14-5653-48EE-BC94-17EE14D4FDA0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3B56DA81-3D9F-4993-AD28-7FE6EB153EBB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1B00B7C2-0131-41E6-9733-2E3292432C2A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D7FF3DF5-9775-48AA-8175-610A04CDC24F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D6B91C74-D392-47F5-9E51-124B04C58376}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4155B1E9-ECE4-4BEE-927A-FC05F0721316}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C9C31195-0C6E-4BF3-A0EF-6E8582FADF1C}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{643AC0F1-E562-48FB-873E-41B76A5EBA2C}C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{48EAC1F1-43BD-4FBB-AAC4-47BAAF37E48A}C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{5082DC73-89D5-4C7F-8267-BA4AF9BD7BDA}C:\program files\ta forever client\jre\bin\java.exe] => (Allow) C:\program files\ta forever client\jre\bin\java.exe
FirewallRules: [UDP Query User{74FCA8A9-C924-4E83-94C8-DA2D0DAD39C1}C:\program files\ta forever client\jre\bin\java.exe] => (Allow) C:\program files\ta forever client\jre\bin\java.exe
FirewallRules: [TCP Query User{AC7E9AA6-C35D-4621-9632-FEA9DEAD0AB5}C:\program files\ta forever client\taf-client-downlords.exe] => (Allow) C:\program files\ta forever client\taf-client-downlords.exe () [File not signed]
FirewallRules: [UDP Query User{F85B3A68-A26E-4755-B242-0FB348155D9C}C:\program files\ta forever client\taf-client-downlords.exe] => (Allow) C:\program files\ta forever client\taf-client-downlords.exe () [File not signed]
FirewallRules: [TCP Query User{C6520593-F6A4-42ED-9B9F-FD958E34FA35}C:\program files\ta forever client\natives\bin\talauncher.exe] => (Allow) C:\program files\ta forever client\natives\bin\talauncher.exe () [File not signed]
FirewallRules: [UDP Query User{49CEC8AC-1D3C-4B45-A812-600B19D27728}C:\program files\ta forever client\natives\bin\talauncher.exe] => (Allow) C:\program files\ta forever client\natives\bin\talauncher.exe () [File not signed]
FirewallRules: [TCP Query User{1B987473-7E8D-4817-9BF6-343FAC272E0D}C:\program files\ta forever client\natives\bin\replayer.exe] => (Allow) C:\program files\ta forever client\natives\bin\replayer.exe () [File not signed]
FirewallRules: [UDP Query User{3FCACE78-E67E-4954-9CB2-440E0EFE98FE}C:\program files\ta forever client\natives\bin\replayer.exe] => (Allow) C:\program files\ta forever client\natives\bin\replayer.exe () [File not signed]
FirewallRules: [{EBDB2332-0DE4-440D-8C68-966911B25F7B}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{BF4EA119-61F6-41FE-9EFA-4D9F51E79694}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5956C98D-1546-47BF-9D9E-F8ADA03725C3}] => (Allow) C:\Users\AndroiD\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B1913EBF-3CA4-4485-A25B-83E2CD9B61F0}] => (Allow) C:\Users\AndroiD\AppData\Roaming\uTorrent Web\utweb.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{FDF16921-A465-42F6-A678-2588F08DD285}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{DBA24769-3350-4D0C-B4A1-4E21138E9CC4}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8674A732-9E82-432E-9F41-63F96307F94B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total Annihilation\TotalA.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [{C54D3092-5DB3-45F7-A279-CD989D0D01AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total Annihilation\TotalA.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [{273A703B-0021-4E0F-A1F5-C0EB3B305622}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total Annihilation\TAE.EXE (Cavedog Entertainment, Inc.) [File not signed]
FirewallRules: [{1ACB2D0C-EA15-41FC-B5E3-3DF15771BB5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total Annihilation\TAE.EXE (Cavedog Entertainment, Inc.) [File not signed]
FirewallRules: [TCP Query User{1EF7255D-9BB2-4D8A-A692-2BDF5C0D0804}C:\total annihilation\prota\totala.exe] => (Allow) C:\total annihilation\prota\totala.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [UDP Query User{71BDF12B-E8CC-41C8-B6A5-2AF2C3476CF3}C:\total annihilation\prota\totala.exe] => (Allow) C:\total annihilation\prota\totala.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [TCP Query User{BBE2B5A4-1CAA-4FEA-93A3-4884A860CD60}C:\total annihilation\total annihilation\totala.exe] => (Allow) C:\total annihilation\total annihilation\totala.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [UDP Query User{970DBC46-5901-4882-9111-9D2990807950}C:\total annihilation\total annihilation\totala.exe] => (Allow) C:\total annihilation\total annihilation\totala.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [TCP Query User{2666F960-239A-4B66-8A72-2F533E4D83F5}C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [UDP Query User{2BBFE29C-56DA-447F-B4FA-62CD2A1BA473}C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\android\appdata\roaming\gameranger\gameranger\gameranger.exe (GameRanger Technologies -> GameRanger Pty Ltd)
FirewallRules: [TCP Query User{F0B5C079-E7DE-4E54-8922-BC311BBA9D27}C:\program files\ta forever client\jre\bin\java.exe] => (Allow) C:\program files\ta forever client\jre\bin\java.exe
FirewallRules: [UDP Query User{0E5716B1-61F0-4DE5-AF0C-09AAB21988EF}C:\program files\ta forever client\jre\bin\java.exe] => (Allow) C:\program files\ta forever client\jre\bin\java.exe
FirewallRules: [TCP Query User{370F385D-77F3-45C5-80DA-879B5FBEDEA1}C:\program files\ta forever client\taf-client-downlords.exe] => (Allow) C:\program files\ta forever client\taf-client-downlords.exe () [File not signed]
FirewallRules: [UDP Query User{5D6E6082-C54A-441D-81E9-A9A362D6BE65}C:\program files\ta forever client\taf-client-downlords.exe] => (Allow) C:\program files\ta forever client\taf-client-downlords.exe () [File not signed]
FirewallRules: [TCP Query User{16AB7A40-452A-46FB-9F22-85EDD34F81D7}C:\program files\ta forever client\natives\bin\talauncher.exe] => (Allow) C:\program files\ta forever client\natives\bin\talauncher.exe () [File not signed]
FirewallRules: [UDP Query User{38DA176E-E955-4509-952F-CC8A883FF4A2}C:\program files\ta forever client\natives\bin\talauncher.exe] => (Allow) C:\program files\ta forever client\natives\bin\talauncher.exe () [File not signed]
FirewallRules: [TCP Query User{1A0C01AE-6A56-4DF4-B2A1-F90D82D11A99}C:\total annihilation\prota\totala.exe] => (Allow) C:\total annihilation\prota\totala.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [UDP Query User{4DCD9536-1D3F-4FC7-BDEB-213CDED1B9AD}C:\total annihilation\prota\totala.exe] => (Allow) C:\total annihilation\prota\totala.exe (Cavedog Entertainment) [File not signed]
FirewallRules: [TCP Query User{EC24547B-51E0-4B30-9E6C-75D617EF4D06}E:\bin\win64_shipping_client\bannerlord.exe] => (Allow) E:\bin\win64_shipping_client\bannerlord.exe => No File
FirewallRules: [UDP Query User{D4C9A54B-D8EC-4CE1-B7FF-BA6AD1381E83}E:\bin\win64_shipping_client\bannerlord.exe] => (Allow) E:\bin\win64_shipping_client\bannerlord.exe => No File
FirewallRules: [TCP Query User{9C91BE15-0408-45FD-AC9C-FDB9201B4CD7}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{42F45EC5-8572-48E0-A083-CFED66D3A12B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{708CD8CE-B37F-45D2-9F0F-2B31CE0FA0DA}C:\program files (x86)\steam\steamapps\common\star wars - galactic battlegrounds saga\game\battlegrounds_cc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star wars - galactic battlegrounds saga\game\battlegrounds_cc.exe (LucasArts Entertainment Company LLC) [File not signed]
FirewallRules: [UDP Query User{D822785B-6A02-4659-A585-D86E73CAAB09}C:\program files (x86)\steam\steamapps\common\star wars - galactic battlegrounds saga\game\battlegrounds_cc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\star wars - galactic battlegrounds saga\game\battlegrounds_cc.exe (LucasArts Entertainment Company LLC) [File not signed]
FirewallRules: [{B56DEB17-2B8D-49AE-B49F-C20E759B27DB}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{87988500-EEE1-420B-BD2E-528BFD0537AE}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3D1F6F78-A944-4047-A306-11460DE51384}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{D3E24201-44EF-4334-A199-725CD84BC8F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{4AEC058F-DF94-446E-A4F3-2CE859F1514D}] => (Allow) C:\Program Files\MobiSystems\OfficeSuite\OfficeSuite.Collaboration.exe (MobiSystems, Inc. -> MobiSystems Inc.)
FirewallRules: [{761F7F8B-D28C-4D66-9CCE-7E33092F7FD7}] => (Allow) C:\Users\AndroiD\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8149F9F4-3D48-412A-B812-47159FC5C82A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5D028158-217E-4391-8C81-55C3829CCE34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [{5644298B-2FD9-4AB3-BA8E-3ADEDB879112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe (Keen Software House s.r.o. -> Keen Software House)
FirewallRules: [TCP Query User{5611D505-98B8-4AE8-A6FF-0B77C3CA33DE}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{FB575985-EE29-4A19-81FC-0301DBF245D3}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{13B5B2D7-6CDB-4064-BD63-46B7880CD510}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Survivor\DRG Survivor.exe () [File not signed]
FirewallRules: [{F1DB3B6F-BF6E-4031-9C3F-6A1E34665DC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deep Rock Survivor\DRG Survivor.exe () [File not signed]
FirewallRules: [TCP Query User{04A9E3F0-B356-418E-8B5E-912A3E4AD7CF}C:\program files (x86)\warcraft iii\_retail_\x86_64\warcraft iii.exe] => (Allow) C:\program files (x86)\warcraft iii\_retail_\x86_64\warcraft iii.exe () [File not signed]
FirewallRules: [UDP Query User{18CED9A8-BBB2-4936-9EAA-C17FBE19077D}C:\program files (x86)\warcraft iii\_retail_\x86_64\warcraft iii.exe] => (Allow) C:\program files (x86)\warcraft iii\_retail_\x86_64\warcraft iii.exe () [File not signed]
FirewallRules: [TCP Query User{1465FF11-7AF4-4E61-AB43-6E6D12A9413D}C:\program files\w3champions\w3champions.exe] => (Allow) C:\program files\w3champions\w3champions.exe (Deespul LLC -> )
FirewallRules: [UDP Query User{3D97B51D-7B64-42E7-9F6B-F01DFFCAD092}C:\program files\w3champions\w3champions.exe] => (Allow) C:\program files\w3champions\w3champions.exe (Deespul LLC -> )
FirewallRules: [{78EE1E7B-9A13-40EE-9DEA-9B45EDD74D71}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4F107A6-1EE4-4D7E-8239-4718D742D051}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F34852D-73CF-4333-98A7-FDC340069BF9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{190C5657-6342-4452-8527-9AB644470689}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A077817D-483A-41E1-B547-FAF7FBF59579}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

19-09-2024 20:02:19 Naplánovaný kontrolní bod
02-10-2024 16:43:55 Naplánovaný kontrolní bod
05-10-2024 19:24:44 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/05/2024 07:24:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.19041.4355 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1020

Čas spuštění: 01db1700d1155e2c

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 206301d4-bc02-4117-9748-25ea42b6cc12

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (10/05/2024 07:20:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname AndroiD.local already in use; will try AndroiD-2.local instead

Error: (10/05/2024 07:20:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 AndroiD.local. Addr 172.20.10.2

Error: (10/05/2024 07:20:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.2:5353 16 AndroiD.local. AAAA 2001:8004035BD4C5:3B33:AE01

Error: (10/05/2024 07:20:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 AndroiD.local. AAAA FE80:0000:0000:00003B29:DCD1:B45B

Error: (10/05/2024 07:20:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.2:5353 16 AndroiD.local. AAAA 2001:8004035BD4C5:3B33:AE01

Error: (10/05/2024 07:20:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 AndroiD.local. AAAA 2001:800420BE:C5B3:5F083A62

Error: (10/05/2024 07:20:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.2:5353 16 AndroiD.local. AAAA 2001:8004035BD4C5:3B33:AE01


System errors:
=============
Error: (10/05/2024 07:24:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Zvuk systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (10/05/2024 07:13:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/05/2024 06:39:35 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (10/05/2024 06:30:30 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (10/05/2024 06:00:00 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (10/05/2024 05:02:33 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (10/05/2024 04:23:47 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (10/05/2024 03:59:35 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.


Windows Defender:
================
Date: 2024-10-05 17:38:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6E0E8ECD-4830-4F66-ADF8-02A1E156CA79}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-10-03 22:20:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {995F1F75-7CB6-431F-BAC5-9DA3D479643A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-30 21:09:35
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CC20E148-7735-4615-8D4E-4E144CAAFB25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-29 17:47:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4CF2F9E8-46C4-4C75-BA9E-D6937EF42771}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-09-29 17:23:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A894AC64-7100-464E-AFD5-99A6918DB02B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-10-05 18:43:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.419.351.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24080.9
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.

Date: 2024-04-05 22:09:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.409.53.0;1.409.53.0
Verze modulu: 1.1.24030.4

Date: 2024-03-29 20:37:37
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.407.779.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24020.9
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-10-30 23:59:57
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.399.1522.0;1.399.1522.0
Verze modulu: 1.1.23090.2007

Date: 2023-09-02 21:48:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.397.190.0;1.397.190.0
Verze modulu: 1.1.23080.2005

CodeIntegrity:
===============
Date: 2022-12-18 14:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-18 14:29:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO GKCN65WW 01/16/2024
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 5600H with Radeon Graphics
Percentage of memory in use: 37%
Total physical RAM: 14188.06 MB
Available physical RAM: 8871.09 MB
Total Virtual: 20332.06 MB
Available Virtual: 13106.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.33 GB) (Free:83.15 GB) (Model: Micron MTFDHBA512TDV) NTFS

\\?\Volume{f133370a-f580-489f-9548-010440db4b70}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{fd6d1d0a-2085-460d-80c7-2352c9173d18}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Tohle na virus nevypadá. Nejdřív spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[androidx]

Provedl jsem.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-05-2024
# Duration: 00:00:12
# OS: Windows 10 (Build 19045.4894)
# Scanned: 32105
# Detected: 7


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\AndroiD\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoServiceBridge Folder C:\Users\AndroiD\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Rudy]

Preinstalled jsou v pořádku, ty ponechte. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\MountPoints2: D - "D:\Autorun.exe"
Task: {FB2F3E7C-2A87-459E-9358-F75E645F1C23} - System32\Tasks\GoogleUpdateTaskMachineCore => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c (No File)
Task: {C0F1C45E-CFCA-4677-8A21-C2F40 System32\Tasks\GoogleUpdateTaskMachineUA => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler (No File)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X] <==== ATTENTION
S3 PRProt; \??\C:\Users\AndroiD\AppData\Local\Temp\ActiveAnticheat\1223619\active64.sys [X] <==== ATTENTION
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3096]
FirewallRules: [TCP Query User{EC24547B-51E0-4B30-9E6C-75D617EF4D06}E:\bin\win64_shipping_client\bannerlord.exe] => (Allow) E:\bin\win64_shipping_client\bannerlord.exe => No File
FirewallRules: [UDP Query User{D4C9A54B-D8EC-4CE1-B7FF-BA6AD1381E83}E:\bin\win64_shipping_client\bannerlord.exe] => (Allow) E:\bin\win64_shipping_client\bannerlord.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[androidx]

Provedeno

Fix result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by AndroiD (05-10-2024 23:12:57) Run:1
Running from C:\Users\AndroiD\OneDrive\Desktop
Loaded Profiles: AndroiD
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\...\MountPoints2: D - "D:\Autorun.exe"
Task: {FB2F3E7C-2A87-459E-9358-F75E645F1C23} - System32\Tasks\GoogleUpdateTaskMachineCore => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c (No File)
Task: {C0F1C45E-CFCA-4677-8A21-C2F40 System32\Tasks\GoogleUpdateTaskMachineUA => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler (No File)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X] <==== ATTENTION
S3 PRProt; \??\C:\Users\AndroiD\AppData\Local\Temp\ActiveAnticheat\1223619\active64.sys [X] <==== ATTENTION
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [3096]
FirewallRules: [TCP Query User{EC24547B-51E0-4B30-9E6C-75D617EF4D06}E:\bin\win64_shipping_client\bannerlord.exe] => (Allow) E:\bin\win64_shipping_client\bannerlord.exe => No File
FirewallRules: [UDP Query User{D4C9A54B-D8EC-4CE1-B7FF-BA6AD1381E83}E:\bin\win64_shipping_client\bannerlord.exe] => (Allow) E:\bin\win64_shipping_client\bannerlord.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-1254691839-1519622889-3421833155-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FB2F3E7C-2A87-459E-9358-F75E645F1C23}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB2F3E7C-2A87-459E-9358-F75E645F1C23}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Task: {C0F1C45E-CFCA-4677-8A21-C2F40 System32\Tasks\GoogleUpdateTaskMachineUA => "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler (No File)" => not found
HKLM\System\CurrentControlSet\Services\cpuz148 => removed successfully
cpuz148 => service removed successfully
HKLM\System\CurrentControlSet\Services\PRProt => removed successfully
PRProt => service removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EC24547B-51E0-4B30-9E6C-75D617EF4D06}E:\bin\win64_shipping_client\bannerlord.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D4C9A54B-D8EC-4CE1-B7FF-BA6AD1381E83}E:\bin\win64_shipping_client\bannerlord.exe" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36953171 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 910181281 B
Windows/system/drivers => 85641144 B
Edge => 0 B
Chrome => 287945774 B
Firefox => 3873773688 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 391151800 B
systemprofile32 => 391151800 B
LocalService => 391151800 B
NetworkService => 391245092 B
AndroiD => 466803959 B

RecycleBin => 0 B
EmptyTemp: => 6.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:15:11 ====

[Rudy]

Bylo smazáno. Nastala nějaká změna?

[androidx]

Bohužel ne.

[Rudy]

OK. Do příkazového řádku napište:

cmd

,

odentrujte a pak do okna

ping www.seznam.cz

a opět odentrujte. Měly by projít 4 pingy a odezva by neměla být vyšší, než 50ms. Vše bude vypsáno po uknčení.

[androidx]

Bez odezvy lost 4/4, ale když pingnu router tak ho vidí počítač. I když jsem připojený tak vidím že přijaté a odeslané se zvyšujou, jen prostě nejde internet. Přikládám obrázek wifi nastavení.

wifi.png (76.15 KiB) Zobrazeno 1236 x

. Chová se to stejně jak jsem napsal na začátku. Jiné zařízení, wifi internet funguje, laptop ne. Jiná wifi na laptopu funguje, jen tahle doma ne.

[Rudy]

Zkuste přeinstalovat ovladač Wifi karty. V případě, že to nepomůže, toto připojení opravdu nefunguje.

[androidx]

Ovladac odinstalovan a nainstalovan. Porad nic. Nevim co se stalo. Druhy laptop funguje dobre na teto wifi.

[JaRon]

Vloz kolegovi obrazok z https://www.minitool.com/news/open-devi ... 0-009.html rozkliknuta cast network adapters

[androidx]

Tady je obrazek.

adapter.png (158.09 KiB) Zobrazeno 1178 x

[JaRon]

NEmas nahodou viac zariadeni s rovnakym nazvom
Prip. Mozes premenovat tento NTB na brekeke

[Rudy]

Ovladače vypadají v pořádku. Zkuste reset wifi routeru: https://www.hodinoviajtaci.cz/blog/jak- ... fi-router/ . Je ovšem možné, že je vadný wifi adaptér a s ním toho moc neuděláme.