PROSIM O KONTROLU

[pepe24]

Po spuštění několikrát problikne CMD
Zde přikládám LOG
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2023
Ran by Ráďa (administrator) on LAPTOP-E9UCTG8C (LENOVO 81LK) (15-04-2023 17:26:27)
Running from C:\Users\Ráďa\Desktop\FRST64.exe
Loaded Profiles: Ráďa
Platform: Microsoft Windows 11 Home Version 22H2 22621.1555 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <7>
(C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe <12>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.202\GoogleCrashHandler64.exe
(RayShare Co.,Ltd -> ) C:\Program Files (x86)\FoneLab\FoneLab for iOS\AppService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d7403bad0b41f2bd\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d7403bad0b41f2bd\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (slvlrehs) [File not signed] C:\Windows\SysWOW64\slvlrehs.exe
(sihost.exe ->) (20E7E2C9-A2A9-4A02-BB29-6FCFB9E042BB -> ) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.4.12.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(sihost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> ) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> ) C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> ) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366944 2022-12-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [FoneLab for iOSAppService] => C:\Program Files (x86)\FoneLab\FoneLab for iOS\AppService.exe [101328 2022-06-07] (RayShare Co.,Ltd -> )
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\Run: [AvastBrowserAutoLaunch_F9D25CD95645168027430F081545CFB9] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3364272 2023-03-28] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\Run: [MicrosoftEdgeAutoLaunch_AA352DC6F94BFC6074FE36853F214A71] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4139936 2023-04-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\MIMFPR0H: C:\Windows\System32\spool\prtprocs\x64\MIMFPR0H.DLL [23552 2021-02-15] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\112.0.5615.86\Installer\chrmstp.exe [2023-04-13] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\111.0.20716.147\Installer\chrmstp.exe [2023-04-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BA8425-5B4A-4885-B638-38AF0B357DBB} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4885912 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
Task: {00F65863-CCC6-4DEC-9E9D-46E5EA8F6341} - System32\Tasks\Opera scheduled Autoupdate 1616507709 => C:\Users\Ráďa\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {0F69436C-DFA0-4C64-B1F5-89E15F2667D0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {12AE38FD-97C4-4C48-AF65-74BC7085D130} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {1C16C824-B5C3-407B-94C1-EC28044CE81D} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {1F22E92D-4338-4C04-9497-DDAA71AA5EB8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {21BCFD2C-2344-4F0A-AF88-FAFC585836ED} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {223E12D8-9BDA-4A86-A250-D8DAD2FCE8E9} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {24DEB4B3-8E5F-4030-914B-F935D2245010} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2848B1CF-A210-4B5F-A9D2-94467F42219C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\28bbcaa4-8032-47e4-887f-cd9ef7358724 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {28A6EB4D-5232-4734-BE9E-84C95A5A6E1A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168880 2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B27FBA2-90DB-48C5-9743-28006B376A57} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2E05FCAE-9248-4E15-BFCD-A700E83D0433} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2c35c540-31a1-4f8e-9e76-5a2c37c8c2fa => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {337D51D6-AB5B-45D3-A681-60A452CDDB99} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {340417E5-982D-4BBD-864E-3F1A6A4A3A24} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C195E41-9FFE-4258-BC63-6EC88C8A1ADD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {3D1078E7-3011-4435-9DA8-6EE88D0A137E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {3FFFE7B5-1E17-49A2-BCBE-C10259DE2ADB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4273A159-FBC9-4C2D-AC42-318B8EB2AAA8} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {44C545E1-3E36-497F-AF86-90ECAF29F936} - System32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-28] (Google LLC -> Google LLC)
Task: {466F4618-CE47-4F4E-9768-E589664D3B12} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4CF9996D-7AA0-4ED0-B886-491258733482} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {56519AD3-E0B8-48E8-920A-FC0A49D64B5A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {57876DDD-E3E1-4534-8FEA-CE0FF59F1C1E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {57892931-506F-4F7A-91F0-6550E55CF195} - System32\Tasks\Opera scheduled assistant Autoupdate 1616507715 => C:\Users\Ráďa\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Ráďa\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {579666EB-5D3A-41F5-A3A4-5E697846D4E3} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {595109CA-F852-43FD-BFED-CD230112A1D1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3364272 2023-03-28] (Avast Software s.r.o. -> AVAST Software)
Task: {60FDA198-5D46-41EC-BADF-79B282F93C06} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3364272 2023-03-28] (Avast Software s.r.o. -> AVAST Software)
Task: {6AFBC079-B591-4301-BDA5-2B699AA1C5E5} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe [5009400 2023-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {6C3ECCB7-7F4C-4A45-8E87-51734A2C026F} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4695104 2021-10-25] (McAfee, LLC -> McAfee, LLC)
Task: {6DF202BF-2FC9-4184-B695-9A502CB49BBB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f4be4cf0-06cd-4bf0-8f98-2fc33a7e81fc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {6FD3033C-C61E-4D42-9028-6687191B662D} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {74F6876A-E94A-43DA-B5DC-1547EC34BC1B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-07-18] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {87191A63-B9BF-443E-ACFA-4B160538B561} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9480437B-F492-4332-889F-E1850F3E13DF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {9ABB3987-041E-4969-A304-287DA8D55499} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {A4A75940-0B58-4835-AAC1-797B816DB46A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A5D7893E-1450-45B0-BCB6-281F2F3DA007} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\996a41e0-f44c-4209-8b44-e5e508d772dd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {A66CC3CD-7555-4883-98FE-666A38348960} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A8129D85-B40A-4EFC-9A63-19DE29424E9D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A92B9D29-D089-45F2-84A4-127816FA1A37} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2135448 2023-04-13] (Avast Software s.r.o. -> Avast Software)
Task: {AB2F97BB-9194-4824-B48C-9E3AC945A078} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {B4F53066-1450-4A6E-BEE2-A14009014BFA} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B88F0041-E188-4887-B180-82427FA1F26F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {C248E757-FD7C-4015-A2F0-0946ACF63114} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C83B7278-0D17-415F-AC5A-CEA8A9089B62} - System32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-28] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D62E6FF4-9C72-4DDB-A79D-D2BBB8DFEA1A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF738F52-952E-4884-8B50-94E9177E4CF2} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {EACA63B6-30F2-4E93-8B74-49B2A4EA53E2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2579CD6-F8AF-410F-8800-4281A829308A} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {FF824315-71CC-44D9-804A-5CCE95F08186} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0c8aa559-76b4-4bcf-b0a2-d82e9e4ba33b}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{3ada2b82-5650-4c5b-bab6-65f52b1bc486}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fc97602f-da30-452a-befe-1db30205feb7}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ráďa\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-15]
Edge Extension: (Edge relevant text changes) - C:\Users\Ráďa\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default [2023-04-15]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.freefilm.to; hxxps://www.netflix.com; hxxps://www.sledujfilmy.online; hxxps://www.youtube.com
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-03-12]
CHR Extension: (Adblock na Youtube™) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-02-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-30]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-02-26]
CHR Extension: (FormApps Extension) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
CHR Extension: (Hulu With Me) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadfigclkmmnpchmalpbcfbmpnmmmoag [2022-01-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Equalizer for YouTube™) - C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Default\Extensions\oggiagogblgafoilijjdhcmflgekfmja [2022-11-17]
CHR Profile: C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-14]
CHR Profile: C:\Users\Ráďa\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-14]

Opera:
=======
OPR Profile: C:\Users\Ráďa\AppData\Roaming\Opera Software\Opera Stable [2021-12-03]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Ráďa\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-03]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Ráďa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103264 2022-10-08] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8808344 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [584088 2023-04-12] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\111.0.20716.147\elevation_service.exe [1818288 2023-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-12-07] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-01] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 uajgexwcfwpcon; c:\windows\SysWOW64\slvlrehs.exe [327680 2021-01-13] (slvlrehs) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31376 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [235424 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391808 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297840 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39608 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269464 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [557096 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105208 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [942952 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [702784 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212640 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319568 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-28] (Bitdefender SRL -> Bitdefender)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-07-18] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 libusb0; C:\WINDOWS\System32\drivers\libusb0.sys [52832 2012-01-17] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [52872 2020-05-22] (Tomasz Moń -> USBPcap)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-15 17:26 - 2023-04-15 17:26 - 000037897 _____ C:\Users\Ráďa\Desktop\FRST.txt
2023-04-15 17:24 - 2023-04-15 17:24 - 000001408 _____ C:\Users\Ráďa\Downloads\priloha_1159168731_1_VypisROS.csv
2023-04-15 17:22 - 2023-04-15 17:22 - 002380288 _____ (Farbar) C:\Users\Ráďa\Desktop\FRST64.exe
2023-04-15 17:13 - 2023-04-15 17:13 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2023-04-15 17:13 - 2023-04-15 17:13 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2023-04-15 17:05 - 2023-04-15 17:05 - 000179947 _____ C:\Users\Ráďa\Downloads\priloha_1159095358_0_zprava.pdf
2023-04-15 17:05 - 2023-04-15 17:05 - 000097466 _____ C:\Users\Ráďa\Downloads\priloha_1159168731_0_VypisROS.pdf
2023-04-12 20:46 - 2023-04-12 20:46 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-04-12 00:31 - 2023-04-12 00:31 - 000000000 ___HD C:\$WinREAgent
2023-04-01 02:22 - 2023-04-01 02:26 - 2840703307 _____ C:\DCIM.rar
2023-03-29 20:27 - 2023-03-29 20:27 - 000001827 _____ C:\Users\Public\Desktop\iTunes.lnk
2023-03-29 20:27 - 2023-03-29 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2023-03-29 20:27 - 2023-03-29 20:27 - 000000000 ____D C:\Program Files\iTunes

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-15 17:26 - 2021-07-25 12:45 - 000000000 ____D C:\FRST
2023-04-15 17:17 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-04-15 17:17 - 2020-06-28 16:12 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-15 17:13 - 2023-02-08 19:55 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-15 17:13 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-04-15 17:11 - 2023-02-08 19:50 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-04-15 17:11 - 2023-02-08 19:46 - 000000000 ____D C:\Users\Ráďa
2023-04-15 17:11 - 2022-07-11 18:58 - 000000000 ___RD C:\Users\Ráďa\iCloudDrive
2023-04-15 17:11 - 2020-06-28 04:57 - 000000000 __SHD C:\Users\Ráďa\IntelGraphicsProfiles
2023-04-15 17:11 - 2019-12-24 23:25 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-15 17:10 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-15 17:08 - 2023-02-08 19:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-15 17:08 - 2023-02-08 19:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-15 17:08 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-04-15 17:08 - 2019-12-24 23:24 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2023-04-15 17:08 - 2019-12-24 23:23 - 000000000 ___HD C:\Intel
2023-04-15 17:07 - 2021-04-08 00:18 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-15 11:50 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-15 11:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-15 09:52 - 2023-02-08 19:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-53953500-1734220588-2196418386-1001
2023-04-15 09:52 - 2023-02-08 19:50 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-53953500-1734220588-2196418386-1001
2023-04-15 09:52 - 2021-04-08 00:19 - 000002385 _____ C:\Users\Ráďa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-15 03:32 - 2019-12-24 23:15 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-14 23:27 - 2023-02-08 19:50 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-14 23:27 - 2023-02-08 19:50 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1}
2023-04-14 23:27 - 2023-02-08 19:50 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-04-14 23:27 - 2023-02-08 19:50 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32}
2023-04-14 23:27 - 2023-02-08 19:50 - 000002954 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2023-04-14 23:27 - 2023-02-08 19:50 - 000002158 _____ C:\WINDOWS\system32\Tasks\npcapwatchdog
2023-04-14 23:27 - 2023-02-08 19:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-04-14 09:52 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-04-13 09:33 - 2020-06-28 16:13 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-13 09:33 - 2020-06-28 16:13 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-04-12 20:46 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-12 20:46 - 2021-12-07 17:45 - 000942952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000702784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000557096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000391808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000319568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000297840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000269464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000235424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000105208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000080376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000039608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-04-12 20:46 - 2021-12-07 17:45 - 000031376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-04-12 20:46 - 2020-07-23 10:55 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-12 20:46 - 2020-07-23 10:55 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-12 04:55 - 2021-12-07 17:44 - 000000000 ____D C:\ProgramData\Avast Software
2023-04-12 04:54 - 2023-02-08 19:44 - 000471152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-04-12 04:54 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-04-12 04:53 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-04-12 00:37 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-12 00:34 - 2023-02-08 19:47 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-04-12 00:18 - 2020-06-30 03:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-12 00:16 - 2020-06-30 03:33 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-11 23:25 - 2022-07-19 22:23 - 000000000 ____D C:\Users\Ráďa\Desktop\Sarinky svatba
2023-04-11 21:29 - 2021-07-25 11:52 - 000000000 ____D C:\Users\Ráďa\AppData\Local\D3DSCache
2023-04-08 17:31 - 2021-11-01 23:19 - 000000000 ____D C:\Users\Ráďa\AppData\Local\CrashDumps
2023-04-06 04:22 - 2021-12-07 17:47 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-04-06 04:22 - 2021-12-07 17:47 - 000002474 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-04-01 02:12 - 2022-03-11 11:37 - 000000000 ____D C:\adb
2023-03-26 02:12 - 2020-06-28 15:02 - 000000000 ____D C:\ProgramData\Packages
2023-03-26 02:12 - 2020-06-28 04:57 - 000000000 ____D C:\Users\Ráďa\AppData\Local\Packages
2023-03-17 21:21 - 2021-10-15 14:35 - 000000000 ____D C:\Users\Ráďa\Desktop\Filmy

==================== Files in the root of some directories ========

2021-03-23 15:50 - 2021-03-23 15:50 - 000000218 _____ () C:\Users\Ráďa\AppData\Local\recently-used.xbel
2021-12-02 13:33 - 2021-12-02 13:33 - 000007606 _____ () C:\Users\Ráďa\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


=====================================================================================================================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2023
Ran by Ráďa (15-04-2023 17:27:24)
Running from C:\Users\Ráďa\Desktop
Microsoft Windows 11 Home Version 22H2 22621.1555 (X64) (2023-02-08 17:50:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-53953500-1734220588-2196418386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-53953500-1734220588-2196418386-503 - Limited - Disabled)
Guest (S-1-5-21-53953500-1734220588-2196418386-501 - Limited - Disabled)
Ráďa (S-1-5-21-53953500-1734220588-2196418386-1001 - Administrator - Enabled) => C:\Users\Ráďa
WDAGUtilityAccount (S-1-5-21-53953500-1734220588-2196418386-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIO Monitoring (HKLM-x32\...\LajA9psev_is1) (Version: - )
Angry IP Scanner (HKLM-x32\...\Angry IP Scanner) (Version: 3.8.2 - Angry IP Scanner)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{44325855-D4CA-4994-A27A-39FE50CE6A8E}) (Version: 16.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.3.6058 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 111.0.20716.147 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
balenaEtcher 1.7.9 (HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.7.9 - Balena Inc.)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.0.1062 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\BlueStacks X) (Version: 0.17.10.6 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.77.1092 - AB Team, d.o.o.)
Fedora Media Writer (HKLM-x32\...\Fedora Media Writer) (Version: 4.2.2 - Fedora Project)
FoneLab for iOS 10.2.6 (HKLM-x32\...\{FFE0C5FE-5820-4864-AFE4-8243BE33FEB9}_is1) (Version: 10.2.6 - FoneLab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.86 - Google LLC)
iCloud Outlook (HKLM\...\{F35C51FC-B854-4106-89D2-50709F12A4B5}) (Version: 12.5.0.74 - Apple Inc.)
Intel(R) Chipset Device Software (HKLM\...\{351A0D24-F6F1-4105-AA50-5D2CCC71E0DD}) (Version: 10.1.18019.8144 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
iTunes (HKLM\...\{7C560654-7A19-4ECD-A146-9DEC0360A245}) (Version: 12.12.7.1 - Apple Inc.)
KONICA MINOLTA magicolor 1680MF (HKLM\...\KONICA MINOLTA magicolor 1680MF) (Version: - )
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
LibUSB-Win32-1.2.6.0 (HKLM\...\LibUSB-Win32_is1) (Version: 1.2.6.0 - LibUSB-Win32)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.39 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\OneDriveSetup.exe) (Version: 23.071.0402.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 (HKLM-x32\...\{895D5198-C5DB-375E-86AB-133F4DAA9FE2}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 (HKLM-x32\...\{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
MTK Usb All 1.0.8 (HKLM-x32\...\MTK Usb All 1.0.8) (Version: 1.0.8 - MTK 2000)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.55 - Nmap Project)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 457.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.49 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
qBittorrent 4.3.9 (HKLM-x32\...\qBittorrent) (Version: 4.3.9 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Serato DJ (HKLM-x32\...\{8a5fa39a-fc35-443a-b1ae-b5d600daed1a}) (Version: 1.9.10.5170 - )
Serato DJ (HKLM-x32\...\{941AF1A8-32BA-4E7D-9D04-ADDB39F58B53}) (Version: 1.9.10.5170 - Serato) Hidden
Serato DJ Lite (HKLM\...\{A0AAC289-D7B6-4AE9-9222-39132955E408}) (Version: 1.6.0.1235 - Serato Limited) Hidden
Serato DJ Lite (HKLM-x32\...\{430d5b25-3cec-49d2-b16d-cc3500d575d0}) (Version: 1.6.0.1235 - Serato Limited)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
USBPcap 1.5.4.0 (HKLM\...\USBPcap) (Version: 1.5.4.0 - Tomasz Mon)
WhatsApp (HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\WhatsApp) (Version: 2.2222.12 - WhatsApp)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Wireshark 3.6.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.6.3 - The Wireshark developer community, hxxps://www.wireshark.org)
YouTube (HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\9e2660632d5fe605c67a6aef59ba54f7) (Version: 1.0 - Google\Chrome)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.98.2.0_x64__kgqvnymyfvs32 [2023-04-06] (king.com)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2022-04-09] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-02-19] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2303.112.0_x64__k1h2ywk1493x8 [2023-04-12] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.4.12.0_x64__5grkq8ppsgwt4 [2023-04-12] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2023-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2023-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2303.28003.0_x64__8wekyb3d8bbwe [2023-04-12] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-02-19] (Microsoft Corp.)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.93.6831.0_x64__8wekyb3d8bbwe [2023-04-06] (Microsoft Corporation) [Startup Task]
ms-resource:AppName -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.32.21.0_x64__kgqvnymyfvs32 [2023-04-06] (king.com)
ms-resource:iCloudAppDisplayName -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.1.108.0_x64__nzyj5cx40ttqa [2023-02-20] (Apple Inc.) [Startup Task]
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-14] (INTEL CORP) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-10-13] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-11] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2023-02-19] (Realtek Semiconductor Corp)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2023-02-19] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0 [2023-04-14] (Spotify AB) [Startup Task]
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_2.10.46.0_x64__cx08jceyq9bcp [2023-04-12] (Vodafone Group Services)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-02-19] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-02-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-53953500-1734220588-2196418386-1001_Classes\CLSID\{00A9C0B9-7B72-4E5E-A998-84E2F9F13C89} -> [Fotky na iCloudu] => C:\Users\Ráďa\Pictures\iCloud Photos\Photos [2022-07-11 18:58]
CustomCLSID: HKU\S-1-5-21-53953500-1734220588-2196418386-1001_Classes\CLSID\{295B220C-635E-4D85-8171-EB2104864FD1} -> [iCloud Drive] => C:\Users\Ráďa\iCloudDrive [2022-07-11 18:58]
CustomCLSID: HKU\S-1-5-21-53953500-1734220588-2196418386-1001_Classes\CLSID\{FF201859-F4B1-432E-AA4E-2A6F2336BBA4} -> [iCloud Drive] => C:\Users\Ráďa\iCloudDrive [2022-07-11 18:58]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_04baa46c48be5bb8\nvshext.dll [2021-06-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-04-12] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Ráďa\Desktop\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Ráďa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2019-12-24 23:15 - 2019-12-24 23:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2019-12-24 23:15 - 2019-12-24 23:15 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-53953500-1734220588-2196418386-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-53953500-1734220588-2196418386-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-10-16 13:11 - 2022-08-04 16:31 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LAPTOP-E9UCTG8C.mshome.net # 2027 8 2 3 14 31 43 60
192.168.137.30 TECHNICA TV.mshome.net # 2022 8 4 11 14 31 43 60

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-53953500-1734220588-2196418386-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ráďa\Desktop\fotky icloud\IMG_2451.HEIC
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{49FF0A2B-F1E4-4F15-9F15-3EA64B715ED0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{33E179C1-8174-4BE3-8BD0-2ED89C5B5F35}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{00697682-4006-43E1-B8D4-A5F723A98713}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{4757DC9D-C757-406B-BAD7-2CCC63DFB189}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [UDP Query User{49DCC33A-3825-444C-AE62-7D21B415A1CD}C:\users\ráďa\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\ráďa\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{AC9F5C1C-07FB-4EC0-BEEB-A358BDC1F336}C:\users\ráďa\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\ráďa\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{AF81EC41-FB85-4BF0-8257-3A819BABA11A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E3595579-01BD-4C74-8A62-1BF0D5A2FAB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{927346EC-90E4-463F-BE0B-351157E5A88E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6E118D7-EEC1-4B5D-95EF-04C0B4DECC44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{544390B2-D8FA-4D0A-80D8-EAAD3029B661}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{D2F6D9A8-F1BE-468E-AA71-81C63BA31533}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{E2554BB3-D76E-46D2-AD9A-4D3C7E29CE41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1D2C8871-D9F6-4985-B619-9A8364890106}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{648D108B-4C03-4AB7-AE3F-B4C400398AD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4D362DF2-1C5C-4364-8711-C88D36A048AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CE97AF38-89DF-4020-BC18-4A6FEFFAF178}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F61C36DF-A6CB-43E5-9940-9C7BAF315847}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6C89A8CE-6EF9-4E86-8EF8-D86D94623608}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{62476CFC-ABA0-4606-BF0F-F007367815A8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6917A8CE-B511-4368-BA2D-AD838FBCC8EC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{7E5843A2-F1C8-4BA4-B76A-71A3780BE704}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{7D31F970-70ED-4CC6-82E5-8C8A22DD9417}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6620E9A6-89C2-43FF-AB3C-2008E3EE72F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1F2BED27-3D7A-46C6-A2CF-4A728D7DD281}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E2AAEBC7-4BDC-4F57-A2D2-BAF99C04701D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C3DA0E0F-34FA-4A2B-B709-9338C4ACB117}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F493F572-CECF-4F02-8BDB-537AFF965ACC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{FEBF5293-DF0A-46A3-B757-B4A0F870A6F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1BEF37C7-3969-4740-9315-C9B816198731}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{747D2AB8-466F-48C9-B347-E12500AF0476}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CCC8AEEB-BD63-4117-A52F-E3AB1F7DF3FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6BC85E0C-924E-4038-837F-A9D17C5CC8DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{049CB041-10EA-44ED-AA5B-E37FE6043D42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0DEFE426-38C3-4064-A5B8-181951FE757B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{78374E19-BBA5-4845-A25F-8A87ED9692D5}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3B067FA4-A2F9-415E-8A7A-B85BC4BBB1E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{3C30077A-2C26-487C-9717-7697FC86A9F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{54FD48B3-D6F3-4CCF-BAB2-F944F11F3D15}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{D1C65C51-4E7D-4609-B202-156873D4512A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{5C5AD0A7-410B-4C3B-8D4A-C4E1D967E085}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8960EE21-D43F-47A3-B48F-F1B593C57886}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
FirewallRules: [{3DEA2A5A-9F3F-407C-8FB6-A1F58FB451C9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
FirewallRules: [{1A5861C0-BB33-4D2B-8F03-11F777608D5C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DD782E2-2DA3-4C76-B61D-E1046974B5CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DEC117B3-9A5F-4606-BD87-F921933C9A76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{AF332EC3-1FC9-45EA-888D-DF5C074B25CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{27E384A7-623A-4CEB-9184-5D0D370750F6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{E1C70A52-E1BD-45D4-82B2-A00D3FB5D344}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{FE58427F-97B1-462A-A83E-D7B15BFD7F29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{75FE9AE5-B65D-425F-BD1E-00737C22B18D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{D8355C19-A825-4538-8603-2DF705C8FD44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{94C419C6-3891-45D5-842E-24025151FB1A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{B86F02E5-0BCA-4502-AA0F-079EAA2F8BC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{8D9EBF14-302C-4FFC-B450-8A6B76449E96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.209.743.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )

==================== Restore Points =========================

12-04-2023 00:31:51 Instalační služba modulů systému Windows
12-04-2023 00:32:32 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: MediaTek DA USB VCOM (Android) (COM4)
Description: MediaTek DA USB VCOM (Android)
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek Inc.
Service: wdm_usb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: MediaTek USB VCOM (Android) (COM5)
Description: MediaTek USB VCOM (Android)
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek Inc.
Service: wdm_usb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: MediaTek PreLoader USB VCOM (Android) (COM6)
Description: MediaTek PreLoader USB VCOM (Android)
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek Inc.
Service: wdm_usb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: MediaTek PreLoader USB VCOM (Android) (COM7)
Description: MediaTek PreLoader USB VCOM (Android)
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek Inc.
Service: wdm_usb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: MediaTek USB VCOM (Android) (COM8)
Description: MediaTek USB VCOM (Android)
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: MediaTek Inc.
Service: wdm_usb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/15/2023 05:24:18 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {5EF1E925-7746-4FFC-9645-8B5412B22E01}

Error: (04/15/2023 03:32:56 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {DB9656A2-62A0-4662-8FD1-DD05D2685841}

Error: (04/13/2023 08:49:09 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: DAX3API.exe, verze: 3.20501.517.0, časové razítko: 0x5d5e6824
Název chybujícího modulu: DAX3API.exe, verze: 3.20501.517.0, časové razítko: 0x5d5e6824
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000112ed1
ID chybujícího procesu: 0x0x1288
Čas spuštění chybující aplikace: 0x0x1d96cea29e6bed6
Cesta k chybující aplikaci: C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
ID zprávy: 7647f349-3b1e-4f86-b05a-41c99205c6e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/12/2023 04:54:28 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/12/2023 04:54:28 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (04/12/2023 04:54:28 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/11/2023 09:51:03 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {8DAAC66D-7B67-4954-82ED-144BAF35EF61}

Error: (04/11/2023 09:31:16 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {0BE79407-2553-45D0-951A-F3CCA9CB65B1}


System errors:
=============
Error: (04/15/2023 05:13:52 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-E9UCTG8C)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/15/2023 05:08:02 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:19:19, ‎15.‎04.‎2023) bylo neočekávané.

Error: (04/14/2023 09:51:46 AM) (Source: RTWlanE) (EventID: 5002) (User: )
Description: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC : Bylo zjištěno, že síťový adaptér nepracuje správně.

Error: (04/14/2023 09:51:43 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC, {3ada2b82-5650-4c5b-bab6-65f52b1bc486}, došlo k události 74.

Error: (04/13/2023 08:49:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/12/2023 04:52:45 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-E9UCTG8C)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 04:52:44 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-E9UCTG8C)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/12/2023 12:17:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.


CodeIntegrity:
===============
Date: 2023-04-15 17:13:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO BGCN24WW 08/19/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-9300H CPU @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 8072.24 MB
Available physical RAM: 2153.72 MB
Total Virtual: 12936.24 MB
Available Virtual: 5540.39 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:94.18 GB) (Model: HFM512GDHTNG-8310A) NTFS

\\?\Volume{4eb01e78-fdae-40bd-b465-8db0081a2a2b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.35 GB) NTFS
\\?\Volume{2d7497e6-dec8-465d-b99d-9b3cbfd1635e}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 8D84B2C0)

Partition: GPT.

==================== End of Addition.txt =======================



==================== End of FRST.txt ========================

[Rudy]

Zdravím!
Command lone nemisí být projev malware. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[pepe24]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-16-2023
# Duration: 00:00:00
# OS: Windows 11 (Build 22621.1555)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3823 octets] - [10/04/2022 13:19:35]
AdwCleaner[C00].txt - [3193 octets] - [10/04/2022 13:20:48]
AdwCleaner[S01].txt - [1982 octets] - [10/04/2022 13:21:39]
AdwCleaner[S02].txt - [2057 octets] - [16/04/2023 21:23:11]
AdwCleaner[C02].txt - [2310 octets] - [16/04/2023 21:23:49]
AdwCleaner[S03].txt - [1725 octets] - [16/04/2023 21:25:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

[Rudy]

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00F65863-CCC6-4DEC-9E9D-46E5EA8F6341} - System32\Tasks\Opera scheduled Autoupdate 1616507709 => C:\Users\Ráďa\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {44C545E1-3E36-497F-AF86-90ECAF29F936} - System32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-28] (Google LLC -> Google LLC)
Task: {56519AD3-E0B8-48E8-920A-FC0A49D64B5A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {57876DDD-E3E1-4534-8FEA-CE0FF59F1C1E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {B88F0041-E188-4887-B180-82427FA1F26F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {C83B7278-0D17-415F-AC5A-CEA8A9089B62} - System32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-28] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32}
FirewallRules: [{6620E9A6-89C2-43FF-AB3C-2008E3EE72F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1F2BED27-3D7A-46C6-A2CF-4A728D7DD281}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E2AAEBC7-4BDC-4F57-A2D2-BAF99C04701D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C3DA0E0F-34FA-4A2B-B709-9338C4ACB117}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F493F572-CECF-4F02-8BDB-537AFF965ACC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{FEBF5293-DF0A-46A3-B757-B4A0F870A6F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1BEF37C7-3969-4740-9315-C9B816198731}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{747D2AB8-466F-48C9-B347-E12500AF0476}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CCC8AEEB-BD63-4117-A52F-E3AB1F7DF3FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6BC85E0C-924E-4038-837F-A9D17C5CC8DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{049CB041-10EA-44ED-AA5B-E37FE6043D42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0DEFE426-38C3-4064-A5B8-181951FE757B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[pepe24]

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-04-2023
Ran by Ráďa (28-04-2023 16:59:03) Run:3
Running from C:\Users\Ráďa\Desktop
Loaded Profiles: Ráďa
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {00F65863-CCC6-4DEC-9E9D-46E5EA8F6341} - System32\Tasks\Opera scheduled Autoupdate 1616507709 => C:\Users\Ráďa\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {44C545E1-3E36-497F-AF86-90ECAF29F936} - System32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-28] (Google LLC -> Google LLC)
Task: {56519AD3-E0B8-48E8-920A-FC0A49D64B5A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {57876DDD-E3E1-4534-8FEA-CE0FF59F1C1E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {B88F0041-E188-4887-B180-82427FA1F26F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {C83B7278-0D17-415F-AC5A-CEA8A9089B62} - System32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-28] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32}
FirewallRules: [{6620E9A6-89C2-43FF-AB3C-2008E3EE72F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1F2BED27-3D7A-46C6-A2CF-4A728D7DD281}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E2AAEBC7-4BDC-4F57-A2D2-BAF99C04701D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C3DA0E0F-34FA-4A2B-B709-9338C4ACB117}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.93.3408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F493F572-CECF-4F02-8BDB-537AFF965ACC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{FEBF5293-DF0A-46A3-B757-B4A0F870A6F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1BEF37C7-3969-4740-9315-C9B816198731}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{747D2AB8-466F-48C9-B347-E12500AF0476}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{CCC8AEEB-BD63-4117-A52F-E3AB1F7DF3FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6BC85E0C-924E-4038-837F-A9D17C5CC8DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{049CB041-10EA-44ED-AA5B-E37FE6043D42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0DEFE426-38C3-4064-A5B8-181951FE757B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00F65863-CCC6-4DEC-9E9D-46E5EA8F6341}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00F65863-CCC6-4DEC-9E9D-46E5EA8F6341}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1616507709 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1616507709" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44C545E1-3E36-497F-AF86-90ECAF29F936}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44C545E1-3E36-497F-AF86-90ECAF29F936}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56519AD3-E0B8-48E8-920A-FC0A49D64B5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56519AD3-E0B8-48E8-920A-FC0A49D64B5A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57876DDD-E3E1-4534-8FEA-CE0FF59F1C1E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57876DDD-E3E1-4534-8FEA-CE0FF59F1C1E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B88F0041-E188-4887-B180-82427FA1F26F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B88F0041-E188-4887-B180-82427FA1F26F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C83B7278-0D17-415F-AC5A-CEA8A9089B62}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C83B7278-0D17-415F-AC5A-CEA8A9089B62}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{15F8E6EA-94B9-4093-83E2-D2D746C93CB1}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{612B6BF2-4EBA-4988-A8EC-E180D7DECD32}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6620E9A6-89C2-43FF-AB3C-2008E3EE72F7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F2BED27-3D7A-46C6-A2CF-4A728D7DD281}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2AAEBC7-4BDC-4F57-A2D2-BAF99C04701D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3DA0E0F-34FA-4A2B-B709-9338C4ACB117}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F493F572-CECF-4F02-8BDB-537AFF965ACC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEBF5293-DF0A-46A3-B757-B4A0F870A6F9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1BEF37C7-3969-4740-9315-C9B816198731}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{747D2AB8-466F-48C9-B347-E12500AF0476}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCC8AEEB-BD63-4117-A52F-E3AB1F7DF3FE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6BC85E0C-924E-4038-837F-A9D17C5CC8DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{049CB041-10EA-44ED-AA5B-E37FE6043D42}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0DEFE426-38C3-4064-A5B8-181951FE757B}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29490881 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 7787710 B
Edge => 0 B
Chrome => 533862703 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 101128 B
NetworkService => 102220 B
Ráďa => 636602651 B

RecycleBin => 25364497348 B
EmptyTemp: => 24.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:59:35 ====

[JaRon]

vycistene, je este nejaky problem