VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Kopci (administrator) on LAPTOP-HH1EQN5N (LENOVO 80QB) (19-11-2023 22:17:55)
Running from C:\Users\Kopci\Desktop\FRST64.exe
Loaded Profiles: Kopci
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe
(svchost.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(valWbioSyncSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382824 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Lenovo Smart Fingerprint] => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44525472 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {af447570-94f6-41a5-b561-4debe3d229ef} - no filepath. <==== ATTENTION
Task: {52A17E96-D350-4F87-8829-7624EAF3F8F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {F915363B-00B1-4B57-8F33-6C3E9C769E80} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {654B5F4C-4107-493A-89B6-FDB1C0E7B713} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b74939e8-debf-458c-8d29-420a5e9b6444" --version "6.18.10824" --silent
Task: {7FC0D34D-C279-454C-A4C4-0373B505F296} - System32\Tasks\CCleanerSkipUAC - Kopci => C:\Program Files\CCleaner\CCleaner.exe [37544352 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {BA5589F5-363D-402E-886C-56770A4CBCD8} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {6EA656A2-D79A-4CA9-9823-F1271FA290D2} - System32\Tasks\Lenovo\fplmonitorConnect => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {47C747A5-D5E6-469E-B2D8-660CD716FF1A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {786CC690-3EA1-45ED-8D0B-7D7CB585338F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {47C5C956-8A50-414C-AF19-9D067F38B4DE} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {206FEC6E-0570-4683-B724-7C35E6993379} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\52b9caf0-f56e-4431-87e7-536656eefc79 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {00B46C4C-CEAE-4CFE-A76C-3909AD8B1C6A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\973db8de-ef68-413c-aff0-b8759d3c61ff => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {4CBF3536-8304-464D-912A-DD29126134AB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ca7136ad-448c-4d6a-a984-c1f364f0ebc5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {F5B11595-C2BD-4963-A0AF-235D9E0973D2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fccea30a-50e4-4f23-9e8b-1978ed42b79b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {5D7FE370-0268-4F37-8C09-F692339CC68C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {20CC5D35-6588-4513-8287-B6EA51CD49F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => %programfiles%\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (No File)
Task: {C91368E0-6C17-428C-A951-070E3CC250CC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan (No File)
Task: {D71E4AA2-EFF8-41D2-9B53-3B1F68AE872E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan (No File)
Task: {227B0B35-DA77-46F3-9DCF-CF593A24B789} - System32\Tasks\Lenovo\REACHit Agent Startup => "C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe" /nobrowser (No File)
Task: {F63D47B8-38E2-4E22-A98D-78DB7FC1A7C3} - System32\Tasks\Lenovo\REACHit Agent Update => "C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe" -update (No File)
Task: {7B0DFC7C-EED3-4F3D-A4E2-2113C188ABA2} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {5D093097-1949-4180-AE91-B2253D2B1927} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {6C4D43A7-2C81-4212-8518-55400A792025} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {DEAE2A03-74DF-4D15-A152-8839DB130B04} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {278FDF89-8519-4EFC-AA26-4F265D527704} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {7F48AB6F-C54F-44AA-B9DF-4B4D02BAC30D} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {82F891DC-06FF-49B0-9C1C-5F5C373B2191} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {1DAF41F9-09C1-4B75-8EEC-4E261CD4708B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {86D69F90-35E3-45B6-9187-0BB2CF83BBC6} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {ECEA3084-FEB0-404C-9963-39D001752D03} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {95C8160B-22E1-420A-AE3E-26614921A3CA} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {D18630B5-EC8A-4BD7-B15A-17780E8B5E11} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {CC154CAB-6955-48C9-B7A1-7FB304DAB13A} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {7F2A58CC-CE18-44EF-B47A-4BF3AE16DD76} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {8214A0DA-9073-48F6-B852-615C48A8098B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0D7D667D-AFC9-4A2F-B334-E8307191C92B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB81348E-26C9-4E60-9C71-EF94AE0E2C94} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {186F6DC6-C626-4214-A31F-67E49776D0ED} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C686002C-2ED0-4349-A479-ABD734A978DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [364128 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F22F6641-7594-4471-886C-B4AB12488B68} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe [71680 2021-03-12] (Microsoft Windows -> Microsoft Corporation) -> C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {039D5DE2-1024-4C32-A55F-C2A306EE9923} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57F8C718-8EBF-4A99-92E4-D746E54BD12C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D74FA3A9-B79D-4DB9-85DC-FF4491EEA97F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0BEA768A-9127-4717-9B0E-6F216A45EC3D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {761FF01B-301F-45C6-87AE-77DABFCB8B98} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [676256 2023-11-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7B4598B5-10B7-44D3-9C6D-86A12C1BADC6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [723872 2023-11-19] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 84.19.64.4 84.19.64.3 10.0.0.138
Tcpip\..\Interfaces\{5bdce1b0-6c55-4811-8821-86e83bfe7d28}: [DhcpNameServer] 195.178.68.1 195.178.68.3
Tcpip\..\Interfaces\{7370f33a-094d-4166-896c-c94ded8f462e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ba844273-ed17-44ac-bbbf-eefe42da4ab5}: [DhcpNameServer] 84.19.64.4 84.19.64.3 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kopci\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-19]

FireFox:
========
FF DefaultProfile: k5b7neg4.default
FF ProfilePath: C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default [2023-11-19]
FF Notifications: Mozilla\Firefox\Profiles\k5b7neg4.default -> hxxps://www.slevomat.cz; hxxps://online.rb.cz; hxxps://www.yves-rocher.cz
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2022-12-22] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe [34176 2023-07-14] (Lenovo -> Lenovo)
R2 MEmuSVC; C:\Program Files (x86)\Microvirt\MEmu\MemuService.exe [85304 2019-09-12] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 MpKsl2251806f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFFB97DE-3084-47DC-8FFA-45942737F1CA}\MpKslDrv.sys [263560 2023-11-19] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl8ac75c84; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EFFB97DE-3084-47DC-8FFA-45942737F1CA}\MpKslDrv.sys [263560 2023-11-19] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-19] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-19 22:17 - 2023-11-19 22:19 - 000025771 _____ C:\Users\Kopci\Desktop\FRST.txt
2023-11-19 22:15 - 2023-11-19 22:15 - 002383872 _____ (Farbar) C:\Users\Kopci\Desktop\FRST64.exe
2023-11-19 18:02 - 2023-11-19 18:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-11-19 18:02 - 2023-11-19 18:02 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-11-19 18:02 - 2023-11-19 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-11-19 18:02 - 2023-11-19 18:02 - 000000000 ____D C:\Program Files\CCleaner
2023-11-19 18:01 - 2023-11-19 18:01 - 078160904 _____ (Piriform Software Ltd) C:\Users\Kopci\Downloads\ccsetup618.exe
2023-11-19 17:55 - 2023-11-19 18:02 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-11-19 17:55 - 2023-11-19 18:02 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Kopci
2023-11-19 17:55 - 2023-11-19 18:02 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-19 22:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-19 22:18 - 2021-03-06 11:13 - 000000000 ____D C:\FRST
2023-11-19 22:05 - 2022-03-26 18:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-19 22:03 - 2021-02-26 15:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-11-19 22:03 - 2016-12-25 21:34 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-19 22:00 - 2021-03-12 07:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-19 21:55 - 2019-03-06 18:53 - 000000000 ____D C:\Users\Kopci\AppData\Local\D3DSCache
2023-11-19 19:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-19 19:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-19 19:47 - 2017-10-18 22:33 - 000000000 ____D C:\Users\Kopci\AppData\Local\Packages
2023-11-19 19:46 - 2018-11-14 19:29 - 000000000 ____D C:\Users\Kopci\AppData\Local\PlaceholderTileLogoFolder
2023-11-19 19:12 - 2018-07-04 19:30 - 000000000 ____D C:\ProgramData\Packages
2023-11-19 18:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-19 17:56 - 2021-08-01 01:50 - 000000000 ____D C:\Users\Kopci\AppData\Local\CrashDumps
2023-11-19 17:47 - 2016-12-25 09:33 - 000000000 __SHD C:\Users\Kopci\IntelGraphicsProfiles
2023-11-19 17:45 - 2021-03-12 07:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-19 17:45 - 2021-03-12 07:08 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-19 17:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-19 17:45 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-19 17:45 - 2017-09-03 13:57 - 000000000 ____D C:\ProgramData\Synaptics
2023-11-19 17:43 - 2022-12-17 11:42 - 000000000 ____D C:\Program Files (x86)\Steam
2023-11-19 17:40 - 2017-01-17 18:29 - 000000000 ____D C:\Users\Kopci\Documents\Registry CCleaner
2023-11-19 16:09 - 2018-02-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-19 15:54 - 2021-03-12 07:08 - 000536616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-19 15:46 - 2021-05-16 09:46 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-19 15:44 - 2021-06-18 20:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\MuseScore
2023-11-19 15:43 - 2022-11-21 03:51 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-11-19 15:43 - 2022-11-21 03:51 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-11-19 15:35 - 2016-12-25 20:55 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-11-19 15:34 - 2016-05-28 14:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-11-19 15:25 - 2021-03-12 01:25 - 000490424 _____ C:\WINDOWS\system32\perfh012.dat
2023-11-19 15:25 - 2021-03-12 01:25 - 000134396 _____ C:\WINDOWS\system32\perfc012.dat
2023-11-19 15:24 - 2021-03-12 07:30 - 002324300 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-19 15:24 - 2021-03-12 01:15 - 000721822 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-19 15:24 - 2021-03-12 01:15 - 000146848 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-19 15:15 - 2021-03-12 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\ko
2023-11-19 15:15 - 2021-03-12 01:24 - 000000000 ____D C:\WINDOWS\system32\ko
2023-11-19 15:15 - 2021-03-12 01:15 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-11-19 15:15 - 2021-03-12 01:15 - 000000000 ____D C:\WINDOWS\system32\cs
2023-11-19 15:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-19 15:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-11-19 15:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-19 15:14 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-19 15:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-19 15:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-19 15:06 - 2021-02-15 08:22 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Zoom
2023-11-19 15:03 - 2022-12-17 11:51 - 000000000 ____D C:\Users\Kopci\AppData\Local\Steam
2023-11-19 14:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-19 14:35 - 2021-03-12 07:12 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-19 14:26 - 2021-03-12 07:38 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-19 14:26 - 2021-03-12 07:38 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-19 14:14 - 2016-05-28 14:54 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-19 14:13 - 2023-01-03 19:58 - 000000000 ____D C:\Users\Kopci\AppData\Local\Discord
2023-11-19 14:13 - 2022-12-18 13:28 - 000000000 ____D C:\Program Files\Electronic Arts
2023-11-19 14:12 - 2023-01-03 19:59 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\discord
2023-11-19 14:09 - 2022-12-22 10:16 - 000000000 ____D C:\ProgramData\Epic
2023-11-19 13:31 - 2021-07-24 08:58 - 000000000 ____D C:\WINDOWS\Minidump

==================== Files in the root of some directories ========

2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ () C:\Users\Kopci\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by Kopci (19-11-2023 22:22:36)
Running from C:\Users\Kopci\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2021-03-12 06:40:06)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3044413106-2186633788-3405021347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3044413106-2186633788-3405021347-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3044413106-2186633788-3405021347-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3044413106-2186633788-3405021347-501 - Limited - Disabled)
Kopci (S-1-5-21-3044413106-2186633788-3405021347-1001 - Administrator - Enabled) => C:\Users\Kopci
WDAGUtilityAccount (S-1-5-21-3044413106-2186633788-3405021347-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.006.20380 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.18 - Piriform)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{60DC6F22-D268-44F0-8720-200033508384}) (Version: 11.0.0.1158 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{DF17C0DB-76D8-4A45-B26E-674F8455B803}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{303C5CD6-2525-49C5-9E49-DBD92F9F63BD}) (Version: 14.5.2.1088 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB041B6A-FACB-4853-BEE9-814FE7F93BB2}) (Version: 17.1.1530.1669 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{61D0924A-4791-4AD5-B6C6-38E3420B6D53}) (Version: 18.11.0.0664 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo App Explorer (HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\...\Host App Service) (Version: 0.272.1.559 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.50 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.72.0 - Lenovo Group Ltd.)
MEmu (HKLM-x32\...\MEmu) (Version: 7.5.5.0 - Microvirt Software Technology Co. Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.16924.20150 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.48 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\OneDriveSetup.exe) (Version: 23.066.0326.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 119.0.1 (x64 cs)) (Version: 119.0.1 - Mozilla)
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20124 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16924.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.16924.20088 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29088 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Taskbar system version 1.0.0.2 (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\{C40E1200-5BEC-410C-B3C5-F7B475729D42}_is1) (Version: 1.0.0.2 - Taskbar system) <==== ATTENTION
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.36 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C22F49B1-0F67-47DC-A490-E8B4B6558EA9}) (Version: 8.91.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-5) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.3.6) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
엔터프라이즈용 Microsoft 365 앱 - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.16924.20150 - Microsoft Corporation)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC [2023-11-19] ()
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-27] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2310.18.0_x64__k1h2ywk1493x8 [2023-11-19] (LENOVO INC.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-20] (LENOVO INCORPORATED.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Video Cutter & Compressor -> C:\Program Files\WindowsApps\24711Mixilab.VideoCutterCompressor_2.0.1.0_x64__c39s816dkej80 [2020-02-17] (Mixilab) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxDTCM.dll [2017-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-07 14:55 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-03-07 14:55 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2020-03-07 14:55 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A813C5E-EE10-4A91-83D8-430CEA749392} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\sharepoint.com -> hxxps://gyby-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kopci\Downloads\sunset.jpg
DNS Servers: 84.19.64.4 - 84.19.64.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{ACB65E45-6819-4891-8ED4-60649491935B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{35063B0C-4953-459D-A405-8B78D49C101E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5DB4350-2CE3-4965-AE72-9C796FB7DA4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DC50887B-05F7-4502-9AB3-EC14784DE52B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C71CC94-352E-4648-AC9E-E53D00F37F6A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{0393F908-183C-4CE0-BD79-793DE565E783}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1812297-088D-4302-AC15-1B0F987743EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E91FB828-0E3E-4C62-883A-4A910DFF7564}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{8DD5E227-36B5-4649-925D-59805381D95F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{C3BA6387-7685-452E-8CAD-D5227F10A4BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B85B09C7-9E72-4E31-9D5E-4BACFC9C66F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4941AECC-93F2-4D0A-BC0D-42D34BB0F890}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{848B3181-DA37-4E85-885C-7DD61E227E0F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5418ED3F-4B10-4334-AED8-34D9B99CE2B5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.48\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AC4486A7-59E9-4E01-8399-BF00ADE4DCDE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC9AA41B-CF81-44BB-B4B8-B88885667A4A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{913D8E72-FC99-4532-B70B-41B8AAD3B2C3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{635D9A7D-F2B8-4CA0-AC3A-3133E4B3D2B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B1C03FD-A495-45AD-B9E3-D26F437B3B9B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{73686EF5-6A77-4EF0-91F5-87ADA811A0B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B2B3288-2CEB-4FBD-900E-269B5CC7EDFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

19-11-2023 21:48:24 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/19/2023 10:01:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/19/2023 10:01:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/19/2023 10:00:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/19/2023 09:46:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/19/2023 09:28:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/19/2023 09:28:49 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/19/2023 09:28:23 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/19/2023 09:26:31 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

System errors:
=============
Error: (11/19/2023 07:00:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PB1QWVW0R95-Microsoft.WindowsAppRuntime.1.4.

Error: (11/19/2023 06:04:26 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-HH1EQN5N)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/19/2023 05:53:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCleaner Performance Optimizer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/19/2023 05:46:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/19/2023 05:46:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (11/19/2023 05:44:06 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/19/2023 04:03:31 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-HH1EQN5N)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/19/2023 03:55:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Windows Defender:
================
Date: 2023-11-19 22:22:31
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Kopci\Downloads\the-sims-4_2347384061.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-HH1EQN5N\Kopci
Název procesu: C:\Users\Kopci\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.401.862.0, AS: 1.401.862.0, NIS: 1.401.862.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-19 22:22:24
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Kopci\Downloads\Memu-Installer_v3.11.398.216.5.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-HH1EQN5N\Kopci
Název procesu: C:\Users\Kopci\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.401.862.0, AS: 1.401.862.0, NIS: 1.401.862.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-19 22:21:46
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Kopci\Downloads\ccsetup526.exe; file:_C:\Users\Kopci\Downloads\ccsetup530.exe; file:_C:\Users\Kopci\Downloads\ccsetup532pro.exe; file:_C:\Users\Kopci\Downloads\ccsetup538.exe; file:_C:\Users\Kopci\Downloads\ccsetup541.exe; file:_C:\Users\Kopci\Downloads\ccsetup553(1).exe; file:_C:\Users\Kopci\Downloads\ccsetup553(2).exe; file:_C:\Users\Kopci\Downloads\ccsetup553.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-HH1EQN5N\Kopci
Název procesu: C:\Users\Kopci\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.401.862.0, AS: 1.401.862.0, NIS: 1.401.862.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-19 22:21:45
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Kopci\Downloads\ccsetup526.exe; file:_C:\Users\Kopci\Downloads\ccsetup530.exe; file:_C:\Users\Kopci\Downloads\ccsetup532pro.exe; file:_C:\Users\Kopci\Downloads\ccsetup538.exe; file:_C:\Users\Kopci\Downloads\ccsetup541.exe; file:_C:\Users\Kopci\Downloads\ccsetup553(1).exe; file:_C:\Users\Kopci\Downloads\ccsetup553(2).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-HH1EQN5N\Kopci
Název procesu: C:\Users\Kopci\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.401.862.0, AS: 1.401.862.0, NIS: 1.401.862.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009

Date: 2023-11-19 22:21:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Kopci\Downloads\ccsetup526.exe; file:_C:\Users\Kopci\Downloads\ccsetup530.exe; file:_C:\Users\Kopci\Downloads\ccsetup532pro.exe; file:_C:\Users\Kopci\Downloads\ccsetup538.exe; file:_C:\Users\Kopci\Downloads\ccsetup541.exe; file:_C:\Users\Kopci\Downloads\ccsetup553(1).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-HH1EQN5N\Kopci
Název procesu: C:\Users\Kopci\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.401.862.0, AS: 1.401.862.0, NIS: 1.401.862.0
Verze modulu: AM: 1.1.23100.2009, NIS: 1.1.23100.2009
Event[0]:

Date: 2023-11-19 15:35:31
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1046.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-11-19 15:29:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1046.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-11-19 15:29:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1046.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-05-12 21:33:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1429.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-05-12 21:33:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1429.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

CodeIntegrity:
===============
Date: 2023-11-19 18:23:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-11-19 17:51:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-05-12 21:46:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-04-15 20:11:56
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO D7CN35WW(V3.08) 03/07/2017
Motherboard: LENOVO Lenovo E51-80
Processor: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 84%
Total physical RAM: 3954.76 MB
Available physical RAM: 615.98 MB
Total Virtual: 9074.76 MB
Available Virtual: 4668.58 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.23 GB) (Free:770.64 GB) (Model: ST1000LM014-SSHD-8GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.91 GB) (Model: ST1000LM014-SSHD-8GB) NTFS

\\?\Volume{6c3fa5a0-0174-47ec-9620-50fa9d879456}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{e5a533a5-59c4-46c1-a763-e04321dd8ea9}\ (LENOVO_PART) (Fixed) (Total:20.06 GB) (Free:8.52 GB) NTFS
\\?\Volume{d776d5a8-d836-456e-bd52-14bf61297784}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6199B984)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-20-2023
# Duration: 00:00:23
# OS: Windows 10 (Build 19045.2965)
# Cleaned: 15
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
Deleted C:\ProgramData\SAntivirus
Deleted C:\Users\Kopci\AppData\Roaming\santivirusclient

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\Software\SAntivirus
Deleted HKLM\Software\SegOption
Deleted HKLM\Software\Wow6432Node\SAntivirus
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc
Deleted HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\Software\Host App Service
Deleted HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10044 octets] - [07/03/2021 19:33:21]
AdwCleaner[C00].txt - [9958 octets] - [07/03/2021 19:40:57]
AdwCleaner[S01].txt - [3197 octets] - [07/03/2021 19:47:28]
AdwCleaner[S02].txt - [3258 octets] - [07/03/2021 19:48:20]
AdwCleaner[C02].txt - [3308 octets] - [07/03/2021 19:48:55]
AdwCleaner[S03].txt - [3380 octets] - [07/03/2021 19:53:29]
AdwCleaner[C03].txt - [3430 octets] - [07/03/2021 19:54:13]
AdwCleaner[S04].txt - [3928 octets] - [20/11/2023 19:29:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

OK. Dejte nové logy FRST+Addition.

VIRY.CZ

Pomalý ntb, prosím o kontrolu

Pomalý ntb, prosím o kontrolu

Re: Pomalý ntb, prosím o kontrolu

Re: Pomalý ntb, prosím o kontrolu

Re: Pomalý ntb, prosím o kontrolu