VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (21-12-2025 15:40:47)
Running from C:\Users\Kohutovci\Desktop\FRST64.exe
Loaded Profiles: Kohutovci
Platform: Microsoft Windows 10 Home Version 22H2 19045.6691 (X64) Language: Slovenčina (Slovensko)
Default browser: "C:\Program Files\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files\Opera\125.0.5729.49\opera_crashreporter.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (20E7E2C9-A2A9-4A02-BB29-6FCFB9E042BB -> Lenovo) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.7.18.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\25.224.1116.0003\OneDrive.Sync.Service.exe
(Opera Norway AS -> Opera Software) C:\Program Files\Opera\opera.exe <17>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Comodo Security Solutions Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(services.exe ->) (Comodo Security Solutions Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Comodo Security Solutions Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(svchost.exe ->) (Comodo Security Solutions Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.54.63029.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [869032 2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13282304 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752264 2025-09-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Run: [MicrosoftEdgeAutoLaunch_A24FDCC3D8DDD92F5558669C9816EEE8] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Uninstall 25.216.1104.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\25.216.1104.0002" [0 2025-12-15] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11F6ACCE-311F-487E-B555-8F2EF1EE9CC2} - \Lenovo\ImController\TimeBasedEvents\34488b61-04d9-44f4-a0cd-af7063e36aed -> No File <==== ATTENTION
Task: {1D0BDAA9-7887-4A95-A4D9-2DF2C2C461A0} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4E376363-5079-4376-808B-EEAC0DCC64F6} - \Lenovo\ImController\TimeBasedEvents\cec17025-0785-423f-adb2-3c644b6bb152 -> No File <==== ATTENTION
Task: {692386FB-96EE-4B60-9E1A-611AB1F59B2D} - \Lenovo\ImController\TimeBasedEvents\21382345-a745-4f5b-95d4-299960f826ee -> No File <==== ATTENTION
Task: {726458F7-0EDE-437A-8982-5EB8C8379244} - \Lenovo\ImController\TimeBasedEvents\e5966855-a6e6-4df3-840a-33ab5da8f062 -> No File <==== ATTENTION
Task: {91FB6DA8-7BBE-4CF1-8F07-3D5DE5BFDC40} - \Lenovo\ImController\TimeBasedEvents\9fdbfd81-5e8a-499e-8b3a-e5d5640706e5 -> No File <==== ATTENTION
Task: {E37805F6-245F-453A-99E4-3B9570B5A85D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {429102AE-ACA6-4F2C-BE87-30B3580C1552} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [9212640 2025-12-03] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {75CD0EBC-5AEF-4E79-A3C5-9F9BA4C578FC} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5601960 2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2977504 2025-10-14] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0ADF9CF5-C391-432F-BB3D-110B06F16A18} - System32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-2907761124-1722388098-2410732583-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4953352 2025-12-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AA83FC19-3A71-492E-891C-181DF5BC1386} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13282304 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {997993B5-0BE9-4954-8526-9CD37BE600C3} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {1C1ECF63-D9C6-42E4-AAF8-BDC69754C3AA} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {0A740A29-3354-4235-844B-9573A5DB12DB} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {61036D6D-9938-4CA2-AFD5-BF2136385CD5} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {F6198316-B685-4407-B278-5216395ABD05} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13282304 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {73F84FFC-6D9A-41BD-BF34-44ED1237BDAA} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5812216 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {134AA9F8-9A30-4442-9E51-7A62D002C88B} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {B03A50C2-1808-4E87-B269-783259AD9A9C} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {23BA0969-0158-4FBD-ABF4-7C12A29DE774} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {53E5D1DE-EF36-4FAC-A940-32527AA4663A} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin_Pulsation => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {92DE9A87-0480-4284-A4AF-7D9C7BCEC87B} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {F0338450-05D7-48D3-B6F4-AB4C83057B71} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {2AF0BFD5-001E-41F2-AFD1-A6D80D1AE638} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {C592BC44-4443-4226-8030-AA5380138E15} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe LenovoBatteryPartSalesMonthlyToast (No File)
Task: {1B8488BB-8E31-4540-9075-9D39EB54D080} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {6FAAAD0B-D8BD-4B54-A88A-01907593E310} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSupportHealthReportSchedule => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {CE9CDE6D-0C18-4481-9C79-F550FB778A87} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {87B4A29B-D2C8-4946-880C-C2E8BD8CA23F} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {DF7E948C-D6F3-40B5-A829-97E8AD5550D2} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {355F6C1B-3FB7-42F1-B4A8-39541B14BA48} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {D08612F2-6EA3-4FFA-894E-C126EDD0773E} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {A3F0E553-EDFD-4CD7-9328-B926A67DDD05} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.1.0.7\x86\IdleScheduleEventAction.exe [172104 2025-10-22] (Lenovo -> )
Task: {1C301D8B-2648-4287-B952-ACDF4517CDED} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\ScheduleEventAction.exe [276032 2025-12-03] (Lenovo -> Lenovo)
Task: {2EBF5CD1-2427-4D6A-9A66-D64E3A706049} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {F0F920D6-D820-4CD2-BE02-6757109EE097} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2907761124-1722388098-2410732583-1001 => C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\25.224.1116.0003\OneDriveLauncher.exe [745832 2025-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {60C43579-86E5-4837-9917-3B5E6F5BCB0B} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\autoupdate\opera_autoupdate.exe [6233560 2025-12-18] (Opera Norway AS -> Opera Software)
Task: {63FE2060-30FA-4C2E-A415-A5B2DAB3FFC0} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-2907761124-1722388098-2410732583-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4953352 2025-12-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {92CDA264-07E9-4FA0-A76D-F277BB1AB09C} - System32\Tasks\Piriform\CCleaner 7 - Scheduled Cleaning - default - S-1-5-21-2907761124-1722388098-2410732583-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4953352 2025-12-21] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {78DC32C5-DD17-4CCC-8BCA-F45FA536BF5B} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6274680 2025-12-21] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {7F03BFC0-DBDF-4569-9303-73F3C21ACD2A} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9239776 2025-12-01] (Gen Digital Inc. -> Gen Digital Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0aac535b-4316-4706-800f-032e646be928}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{0aac535b-4316-4706-800f-032e646be928}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}\4505D2C494E4B4F544249363: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}\4505D2C494E4B4F544249363: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}\4505D2C494E4B4F5937344249363: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}\4505D2C494E4B4F5937344249363: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b5b5bceb-f198-4b86-825e-075ed558243d}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{b5b5bceb-f198-4b86-825e-075ed558243d}: [DhcpNameServer] 172.21.21.9 193.32.92.32
Tcpip\..\Interfaces\{b5b5bceb-f198-4b86-825e-075ed558243d}: [DhcpDomain] cmts-knm-cpe-priv-new.antechnet.sk

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-21]
Edge DownloadDir: Default -> C:\Users\Kohutovci\Desktop
Edge HomePage: Default -> hxxp://www.google.sk/
Edge StartupUrls: Default -> "hxxp://www.google.sk/"
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2025-06-23]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-12-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.471.0 -> C:\Program Files (x86)\Java\jre1.8.0_471\bin\dtplugin\npDeployJava1.dll [2025-09-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.471.0 -> C:\Program Files (x86)\Java\jre1.8.0_471\bin\plugin2\npjp2.dll [2025-09-26] (Oracle America, Inc. -> Oracle Corporation)

Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\opera.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7830184 2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1036968 2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [1090216 2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [28492408 2025-12-21] (Gen Digital Inc. -> Gen Digital Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11430048 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11430048 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2650584 2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2511.18.0\LenovoVantageService.exe [34368 2025-12-03] (Lenovo -> Lenovo)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [122792 2025-12-12] (The Document Foundation -> The Document Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11207664 2025-12-15] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2024-12-23] (Malwarebytes Inc. -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CCleanerPerformanceOptimizerService; "C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [21088 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [286816 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [435296 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [304736 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [88160 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2025-07-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [32856 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [289376 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [584800 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [97376 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [898144 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1314912 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [219744 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [403552 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [16528 2024-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [55480 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\drivers\cmdguard.sys [881496 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\System32\drivers\cmdhlp.sys [65648 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [149456 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
R1 intelTDT; C:\WINDOWS\System32\DRIVERS\intelTDT.sys [165504 2024-12-02] (Comodo Security Solutions Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245336 2025-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-12-21 15:40 - 2025-12-21 15:43 - 000028844 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2025-12-21 15:38 - 2025-12-21 15:42 - 000000000 ____D C:\FRST
2025-12-21 15:38 - 2025-12-21 15:38 - 002444288 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2025-12-21 15:25 - 2025-12-21 15:25 - 000000000 ____D C:\ProgramData\CPUID Software
2025-12-21 14:51 - 2025-12-21 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice
2025-12-15 15:21 - 2025-12-15 15:21 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk
2025-12-15 14:32 - 2025-12-21 15:38 - 000021650 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2025-12-15 14:22 - 2025-12-15 14:23 - 000000000 ____D C:\Program Files (x86)\Java
2025-12-15 14:22 - 2025-09-26 05:30 - 000178872 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2025-12-15 13:33 - 2025-12-15 13:33 - 000003272 _____ C:\WINDOWS\system32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-2907761124-1722388098-2410732583-1001
2025-12-15 13:32 - 2025-12-15 13:32 - 000002163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 7.lnk
2025-12-15 13:32 - 2025-12-15 13:32 - 000002151 _____ C:\Users\Public\Desktop\CCleaner.lnk
2025-12-15 13:32 - 2025-12-15 13:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Piriform
2025-12-15 13:32 - 2025-12-15 13:32 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\CCleaner
2025-12-15 13:31 - 2025-12-15 13:31 - 000000000 ____D C:\Program Files\Piriform
2025-12-15 13:31 - 2025-12-15 13:31 - 000000000 ____D C:\Program Files\Common Files\Piriform
2025-12-15 13:24 - 2025-12-15 13:22 - 000323752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-12-21 15:37 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-12-21 15:29 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2025-12-21 15:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-12-21 15:26 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2025-12-21 15:26 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2025-12-21 15:25 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2025-12-21 15:15 - 2018-12-29 23:14 - 000000898 _____ C:\Users\Kohutovci\Desktop\KMPlayer 64X.lnk
2025-12-21 15:15 - 2018-12-29 23:14 - 000000000 ____D C:\Program Files\KMPlayer 64X
2025-12-21 15:10 - 2023-12-11 14:50 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\Malwarebytes
2025-12-21 15:04 - 2025-07-11 12:51 - 000000000 ____D C:\Users\Kohutovci\Desktop\Dokumenty Gabriela
2025-12-21 15:01 - 2021-12-15 13:14 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-12-21 15:01 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-21 15:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-12-21 14:54 - 2025-06-19 19:09 - 000001052 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2025-12-21 14:50 - 2024-05-24 18:46 - 000000000 ____D C:\Program Files\LibreOffice
2025-12-21 14:43 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2025-12-21 14:37 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-12-21 14:15 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2025-12-21 14:10 - 2020-06-28 17:02 - 000003996 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2025-12-21 14:10 - 2018-03-28 08:45 - 000001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2025-12-21 08:41 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-21 08:39 - 2022-12-22 19:37 - 000000000 ____D C:\ProgramData\Piriform
2025-12-16 12:02 - 2020-10-11 08:18 - 000003630 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-12-16 12:02 - 2020-10-11 08:18 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-12-15 15:20 - 2025-01-21 08:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2907761124-1722388098-2410732583-1001
2025-12-15 15:20 - 2022-12-24 19:02 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2907761124-1722388098-2410732583-1001
2025-12-15 15:20 - 2022-12-24 19:02 - 000003388 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2907761124-1722388098-2410732583-1001
2025-12-15 15:20 - 2020-06-28 13:04 - 000002402 _____ C:\Users\Kohutovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-15 14:58 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2025-12-15 14:56 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-12-15 14:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-12-15 14:55 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2025-12-15 14:29 - 2020-06-28 16:36 - 000652792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-12-15 14:27 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-12-15 14:23 - 2025-06-09 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2025-12-15 13:49 - 2021-12-23 19:47 - 000245336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2025-12-15 13:25 - 2020-06-28 17:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-12-15 13:23 - 2020-09-01 21:17 - 000289376 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2025-12-15 13:23 - 2020-04-03 08:06 - 000584800 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2025-12-15 13:23 - 2019-01-05 14:54 - 000304736 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2025-12-15 13:23 - 2019-01-05 14:54 - 000088160 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2025-12-15 13:23 - 2018-04-03 17:01 - 001314912 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2025-12-15 13:23 - 2018-04-03 17:01 - 000403552 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2025-12-15 13:23 - 2018-04-03 17:01 - 000097376 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2025-12-15 13:23 - 2018-04-03 17:01 - 000073312 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2025-12-15 13:22 - 2019-01-14 15:32 - 000435296 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2025-12-15 13:22 - 2019-01-05 14:54 - 000021088 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2025-12-15 13:22 - 2018-10-09 13:36 - 000032856 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2025-12-15 13:22 - 2018-04-03 17:01 - 000898144 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2025-12-15 13:22 - 2018-04-03 17:01 - 000286816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2025-12-10 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-12-10 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-12-10 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-12-10 12:31 - 2018-03-28 07:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-12-10 12:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-12-10 12:26 - 2018-03-28 07:25 - 218369424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-12-10 12:13 - 2020-06-28 16:42 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-12-10 11:47 - 2022-10-12 10:09 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-12-10 11:47 - 2022-10-12 10:09 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-12-10 10:52 - 2017-11-28 06:54 - 000337876 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2025-12-10 10:52 - 2017-11-28 06:54 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2025-12-10 10:10 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2025-12-10 10:10 - 2019-12-07 15:39 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2025-11-21 20:18 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp

==================== Files in the root of some directories ========

2022-02-01 17:11 - 2022-02-01 17:21 - 000007597 _____ () C:\Users\Kohutovci\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by Kohutovci (21-12-2025 15:44:58)
Running from C:\Users\Kohutovci\Desktop
Microsoft Windows 10 Home Version 22H2 19045.6691 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Up to date) {68776303-F62A-B826-2FE9-ABF2832D7700}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Enabled) {504CE226-BC45-B97E-04B6-02C77DFE307B}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 25.001.20997 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 25.12.10659.3321 - Gen Digital Inc.)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.3.1120.1339 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Internet Security 2025 Premium (HKLM\...\COMODO Internet Security) (Version: 12.3.4.8162 - COMODO Security Solutions Inc.)
COMODO Internet Security Pro (HKLM\...\{D059ED0D-D72A-474D-9F6D-11BD124F89C5}) (Version: 12.3.4.8162 - COMODO Security Solutions Inc.) Hidden
CPUID CPU-Z 2.17 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.17 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{09DAB6B6-FBEF-4AC5-AE93-BFF01A0B796D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B557A9A1-D64B-43D7-B598-F7BAAE897CF3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3479FCE3-F7D2-4980-819A-767941440932}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 471 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180471F0}) (Version: 8.0.4710.9 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2025.11.14.11 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2511.18.0 - Lenovo Group Ltd.)
LibreOffice 25.8.4.2 (HKLM\...\{1E18BF7B-E198-425D-8655-96006F94C5D5}) (Version: 25.8.4.2 - The Document Foundation)
Malwarebytes version 5.4.5.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.4.5.226 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.96 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.96 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 25.224.1116.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B81577B2-3AD0-4AFD-A19C-87F673C09D0C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{62678770-F459-4903-83E3-A2968F6CC242}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 125.0.5729.49 (HKLM-x32\...\Opera 125.0.5729.49) (Version: 125.0.5729.49 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: 2.68.0 - TechPowerUp)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 7.13 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 7.13.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-12-10] ()
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.7.18.0_x64__5grkq8ppsgwt4 [2025-05-18] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2511.10.0_x64__k1h2ywk1493x8 [2025-12-21] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.43.0_x64__w1wdnht996qgy [2025-12-20] (LinkedIn) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\25.224.1116.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\25.224.1116.0003\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-07] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2025-07-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2025-07-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-12-15] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-12-15] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2024-12-03] (Comodo Security Solutions Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-12-15] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2025-07-28] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2025-07-28] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2025-10-31 05:46 - 2025-10-31 05:46 - 000030720 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\sk_sk\Acrobat Elements\ContextMenuShim64.sky

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_471\bin\ssv.dll [2025-09-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_471\bin\jp2ssv.dll [2025-09-26] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 156.154.70.25 - 156.154.71.25
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 3165 -> Netwtw04.sys

inspect: COMODO Internet Security Firewall Driver

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 0) (TamperProtectionSource: )
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6677AE29-6F74-4A32-A8BA-42CAC7A51AB6}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{8603E08C-8994-41BE-8868-8BE4205EDE9D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{DA66A5E8-1EBC-4316-B3F5-04BE464A4EE9}] => (Allow) C:\Program Files\Opera\opera.exe (Opera Norway AS -> Opera Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/21/2025 03:42:08 PM) (Source: VSS) (EventID: 12293) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on a Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {b5946137-7b9f-4925-af80-51abd60b20d5} if volume is supported. [0x8000ffff] [hr = 0x8000ffff, Catastrophic failure
].


Operation:
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Execution Context: Coordinator
Provider ID: {00000000-0000-0000-0000-000000000000}
Volume Name: \\?\Volume{3b1b6239-52f8-4b94-8311-a4afe3a2fd43}\
Execution Context: Coordinator

Error: (12/21/2025 03:38:59 PM) (Source: VSS) (EventID: 12293) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on a Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details Cannot ask provider {b5946137-7b9f-4925-af80-51abd60b20d5} if volume is supported. [0x8000ffff] [hr = 0x8000ffff, Catastrophic failure
].


Operation:
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Execution Context: Coordinator
Provider ID: {00000000-0000-0000-0000-000000000000}
Volume Name: \\?\Volume{3b1b6239-52f8-4b94-8311-a4afe3a2fd43}\
Execution Context: Coordinator

Error: (12/21/2025 03:29:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AdobeCollabSync.exe, verzia: 25.1.20997.0, časová značka: 0x69347515
Názov chybujúceho modulu: AdobeCollabSync.exe, verzia: 25.1.20997.0, časová značka: 0x69347515
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000006c32c4
Identifikácia chybujúceho procesu: 0x3774
Čas spustenia chybujúcej aplikácie: 0x01dc6ffad824979c
Cesta chybujúcej aplikácie: C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
Cesta chybujúceho modulu: C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
Identifikácia hlásenia: 4b3b4942-dcd4-4916-9b56-2d62bb3b0639
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/21/2025 02:40:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WinStore.App.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 12f8

Start Time: 01dc727f2c9a5bf6

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.WindowsStore_22511.1401.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe

Report Id: 87b86254-ba7d-415c-b56d-5bd402c0d326

Faulting package full name: Microsoft.WindowsStore_22511.1401.5.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Cross-thread

Error: (12/19/2025 10:32:09 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: Naplánovaný bod obnovenia sa nepodarilo vytvoriť. Ďalšie informácie: (0x8004230f).

Error: (12/19/2025 10:32:09 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvorenie bodu obnovenia zlyhalo. (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Scheduled Checkpoint; Chyba = 0x8004230f).

Error: (12/19/2025 10:32:04 AM) (Source: VSS) (EventID: 12293) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on a Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details IVssSnapshotProvider::IsVolumeSupported() failed with 0x8000ffff [hr = 0x8000ffff, Catastrophic failure
].


Operation:
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{3b1b6239-52f8-4b94-8311-a4afe3a2fd43}\
Execution Context: Coordinator

Error: (12/19/2025 10:31:50 AM) (Source: VSS) (EventID: 12293) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on a Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine details IVssSnapshotProvider::IsVolumeSupported() failed with 0x8000ffff [hr = 0x8000ffff, Catastrophic failure
].


Operation:
Check If Volume Is Supported by Provider
Add a Volume to a Shadow Copy Set

Context:
Execution Context: Coordinator
Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
Volume Name: \\?\Volume{3b1b6239-52f8-4b94-8311-a4afe3a2fd43}\
Execution Context: Coordinator


System errors:
=============
Error: (12/21/2025 12:00:12 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A29B8RGD)
Description: Unable to start a DCOM Server: {7160A13D-73DA-4CEA-95B9-37356478588A}. The error:
"2147942403"
Happened while starting this command:
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxext.exe -Embedding

Error: (12/21/2025 09:03:10 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A29B8RGD)
Description: Unable to start a DCOM Server: {7160A13D-73DA-4CEA-95B9-37356478588A}. The error:
"2147942403"
Happened while starting this command:
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxext.exe -Embedding

Error: (12/21/2025 08:39:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCleaner Performance Optimizer Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/20/2025 12:00:22 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A29B8RGD)
Description: Unable to start a DCOM Server: {7160A13D-73DA-4CEA-95B9-37356478588A}. The error:
"2147942403"
Happened while starting this command:
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxext.exe -Embedding

Error: (12/20/2025 10:31:55 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A29B8RGD)
Description: Unable to start a DCOM Server: {7160A13D-73DA-4CEA-95B9-37356478588A}. The error:
"2147942403"
Happened while starting this command:
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxext.exe -Embedding

Error: (12/19/2025 10:02:44 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A29B8RGD)
Description: Unable to start a DCOM Server: {7160A13D-73DA-4CEA-95B9-37356478588A}. The error:
"2147942403"
Happened while starting this command:
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxext.exe -Embedding

Error: (12/19/2025 10:01:39 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A29B8RGD)
Description: Unable to start a DCOM Server: {7160A13D-73DA-4CEA-95B9-37356478588A}. The error:
"2147942403"
Happened while starting this command:
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxext.exe -Embedding

Error: (12/18/2025 09:45:21 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-A29B8RGD)
Description: Unable to start a DCOM Server: {7160A13D-73DA-4CEA-95B9-37356478588A}. The error:
"2147942403"
Happened while starting this command:
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxext.exe -Embedding


CodeIntegrity:
===============
Date: 2025-12-21 15:45:35
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 72%
Total physical RAM: 5941.05 MB
Available physical RAM: 1648.15 MB
Total Virtual: 12085.05 MB
Available Virtual: 5977.16 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:343.6 GB) (Model: TOSHIBA MQ01ABF050) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) (Model: TOSHIBA MQ01ABF050) NTFS

\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.29 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)

Partition: GPT.

==================== End of Addition.txt =======================

Ahoj,
pouzi fixlist.txt s obsahom:
Start

CloseProcesses:

S3 CCleanerPerformanceOptimizerService; "C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe" [X]

Task: {11F6ACCE-311F-487E-B555-8F2EF1EE9CC2} - \Lenovo\ImController\TimeBasedEvents\34488b61-04d9-44f4-a0cd-af7063e36aed -> No File <==== ATTENTION
Task: {1D0BDAA9-7887-4A95-A4D9-2DF2C2C461A0} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4E376363-5079-4376-808B-EEAC0DCC64F6} - \Lenovo\ImController\TimeBasedEvents\cec17025-0785-423f-adb2-3c644b6bb152 -> No File <==== ATTENTION
Task: {692386FB-96EE-4B60-9E1A-611AB1F59B2D} - \Lenovo\ImController\TimeBasedEvents\21382345-a745-4f5b-95d4-299960f826ee -> No File <==== ATTENTION
Task: {726458F7-0EDE-437A-8982-5EB8C8379244} - \Lenovo\ImController\TimeBasedEvents\e5966855-a6e6-4df3-840a-33ab5da8f062 -> No File <==== ATTENTION
Task: {91FB6DA8-7BBE-4CF1-8F07-3D5DE5BFDC40} - \Lenovo\ImController\TimeBasedEvents\9fdbfd81-5e8a-499e-8b3a-e5d5640706e5 -> No File <==== ATTENTION

HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Uninstall 25.216.1104.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\25.216.1104.0002" [0 2025-12-15] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION



EmptyTemp:

End

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by Kohutovci (22-12-2025 14:25:30) Run:1
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

S3 CCleanerPerformanceOptimizerService; "C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe" [X]

Task: {11F6ACCE-311F-487E-B555-8F2EF1EE9CC2} - \Lenovo\ImController\TimeBasedEvents\34488b61-04d9-44f4-a0cd-af7063e36aed -> No File <==== ATTENTION
Task: {1D0BDAA9-7887-4A95-A4D9-2DF2C2C461A0} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4E376363-5079-4376-808B-EEAC0DCC64F6} - \Lenovo\ImController\TimeBasedEvents\cec17025-0785-423f-adb2-3c644b6bb152 -> No File <==== ATTENTION
Task: {692386FB-96EE-4B60-9E1A-611AB1F59B2D} - \Lenovo\ImController\TimeBasedEvents\21382345-a745-4f5b-95d4-299960f826ee -> No File <==== ATTENTION
Task: {726458F7-0EDE-437A-8982-5EB8C8379244} - \Lenovo\ImController\TimeBasedEvents\e5966855-a6e6-4df3-840a-33ab5da8f062 -> No File <==== ATTENTION
Task: {91FB6DA8-7BBE-4CF1-8F07-3D5DE5BFDC40} - \Lenovo\ImController\TimeBasedEvents\9fdbfd81-5e8a-499e-8b3a-e5d5640706e5 -> No File <==== ATTENTION

HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\RunOnce: [Uninstall 25.216.1104.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kohutovci\AppData\Local\Microsoft\OneDrive\25.216.1104.0002" [0 2025-12-15] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION



EmptyTemp:

End
*****************

Processes closed successfully.
HKLM\System\CurrentControlSet\Services\CCleanerPerformanceOptimizerService => removed successfully
CCleanerPerformanceOptimizerService => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11F6ACCE-311F-487E-B555-8F2EF1EE9CC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11F6ACCE-311F-487E-B555-8F2EF1EE9CC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\34488b61-04d9-44f4-a0cd-af7063e36aed" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D0BDAA9-7887-4A95-A4D9-2DF2C2C461A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D0BDAA9-7887-4A95-A4D9-2DF2C2C461A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E376363-5079-4376-808B-EEAC0DCC64F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E376363-5079-4376-808B-EEAC0DCC64F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\cec17025-0785-423f-adb2-3c644b6bb152" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{692386FB-96EE-4B60-9E1A-611AB1F59B2D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{692386FB-96EE-4B60-9E1A-611AB1F59B2D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\21382345-a745-4f5b-95d4-299960f826ee" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{726458F7-0EDE-437A-8982-5EB8C8379244}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{726458F7-0EDE-437A-8982-5EB8C8379244}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e5966855-a6e6-4df3-840a-33ab5da8f062" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91FB6DA8-7BBE-4CF1-8F07-3D5DE5BFDC40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91FB6DA8-7BBE-4CF1-8F07-3D5DE5BFDC40}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\9fdbfd81-5e8a-499e-8b3a-e5d5640706e5" => removed successfully
"HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
"HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => not found
"HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.216.1104.0002" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 69147152 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 570716 B
Edge => 0 B
Firefox => 0 B
Opera => 9899123 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 435 B
systemprofile32 => 435 B
LocalService => 2839875 B
NetworkService => 2850677 B
Kohutovci => 2909869950 B

RecycleBin => 0 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:27:27 ====

A mame hotovo