zpomalený notebook

[pedro3]

Dobrý den, prosím o kontrolu logu, notebook je neskutečně zpomalený. Moc děkuji


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{704d82da-41f2-45c0-ad4a-820421d53560}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75048510-45FC-475C-828E-1FEB257B40EE}: [DhcpNameServer] 192.168.1.156
Tcpip\..\Interfaces\{80e476ab-2252-41af-ac0d-ca53f62449a0}: [DhcpNameServer] 172.21.3.125
Tcpip\..\Interfaces\{b0aea4ba-6226-4076-96e0-436e18211db0}: [NameServer] 192.168.1.156
Tcpip\..\Interfaces\{bacf0bce-5bba-48f8-8663-48468b16b344}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-01]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-02-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2021-03-03]
CHR Notifications: Default -> hxxps://cz.depositphotos.com; hxxps://cz.pinterest.com; hxxps://daya.cz; hxxps://dran.webnoviny.sk; hxxps://eshop.tescoma.cz; hxxps://www.footshop.cz; hxxps://www.g2a.com; hxxps://www.sevt.cz
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Duolingo on the Web) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-01-18]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-18]
CHR Extension: (Adblock na Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-10]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-03]
CHR Extension: (Morpheon Dark) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-23]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-03]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk, Inc -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7878680 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
R2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.151\elevation_service.exe [1456376 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
S2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-23] (Geek Software GmbH -> Geek Software GmbH)
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [148840 2019-09-25] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; C:\Program Files\TxGameAssistant\UI\2.0.12832.123\aow_drv_x64_ev.sys [863616 2019-09-27] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-01-03] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tap0901_zyxel; C:\WINDOWS\System32\drivers\tap0901_zyxel.sys [58792 2018-09-04] (Zyxel Communications Corporation -> The OpenVPN Project)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-09-19] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-03] (WireGuard LLC -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2021-01-01] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-03 20:09 - 2021-03-03 20:11 - 000011859 _____ C:\Users\Petr\Desktop\FRST.txt
2021-03-03 20:05 - 2021-03-03 20:05 - 002301440 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2021-03-03 20:05 - 2021-03-03 20:05 - 002301440 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2021-03-03 19:44 - 2021-03-03 19:45 - 000000004 ____H C:\ProgramData\cm-lock
2021-03-02 23:17 - 2021-03-02 23:17 - 000000000 ____D C:\Users\Petr\Desktop\prilohy_28577
2021-03-02 23:16 - 2021-03-02 23:16 - 002041327 _____ C:\Users\Petr\Downloads\prilohy_28577.zip
2021-02-24 21:25 - 2021-02-24 21:29 - 1224928740 _____ C:\Users\Petr\Downloads\Zrození hrdiny-(Válečný-Historický)CZ dab.2016(csfd 84%).avi
2021-02-24 20:08 - 2021-02-24 20:08 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-24 20:08 - 2021-02-24 20:07 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-01 21:08 - 2021-02-01 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2021-02-01 21:08 - 2021-02-01 21:08 - 000000000 ____D C:\Program Files\ffdshow

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-03 20:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-03 20:09 - 2018-01-18 20:10 - 000000000 ____D C:\FRST
2021-03-03 20:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-03 20:03 - 2020-07-25 22:55 - 000000000 ___HD C:\$WinREAgent
2021-03-03 19:53 - 2018-01-18 17:45 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-03 19:45 - 2018-01-18 15:01 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2021-03-03 19:44 - 2018-01-18 14:55 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-03 19:43 - 2020-08-01 01:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-03 19:43 - 2020-08-01 01:01 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-02 23:47 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-02 23:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-02 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-02 23:19 - 2020-06-06 09:32 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-02 23:03 - 2021-01-22 16:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-02 22:54 - 2020-08-01 01:06 - 000000000 ____D C:\Users\Petr
2021-03-02 22:46 - 2020-08-01 01:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-25 22:06 - 2018-08-28 14:48 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-25 21:54 - 2018-01-18 14:44 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2021-02-24 21:02 - 2018-01-18 18:02 - 000000000 ____D C:\Users\Petr\Graphisoft
2021-02-24 20:23 - 2018-01-18 15:03 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2021-02-24 20:09 - 2020-10-13 20:22 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-24 20:09 - 2020-08-01 01:43 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-24 20:09 - 2018-01-18 17:47 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-24 20:08 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-24 20:08 - 2019-01-06 10:45 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-24 20:08 - 2019-01-06 10:45 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-24 20:08 - 2018-01-18 17:47 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-24 20:08 - 2018-01-18 17:47 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-24 20:08 - 2018-01-18 17:47 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-24 20:07 - 2020-04-14 19:32 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-24 20:07 - 2019-01-15 22:16 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-24 20:07 - 2019-01-06 10:45 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-24 20:07 - 2018-10-10 20:12 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-24 20:07 - 2018-01-18 17:47 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-24 20:07 - 2018-01-18 17:47 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-22 00:50 - 2019-01-22 22:21 - 000000000 ____D C:\Users\Petr\Desktop\byt
2021-02-21 22:59 - 2018-01-18 16:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-21 22:57 - 2018-01-18 16:10 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-18 00:44 - 2018-01-18 17:04 - 000000000 ___RD C:\Users\Petr\Documents\OSTATNÍ
2021-02-12 21:20 - 2018-01-18 15:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 21:14 - 2018-01-18 15:12 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 21:24 - 2020-08-01 01:43 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2666772695-2080173217-3410975055-1001
2021-02-08 21:24 - 2020-08-01 01:06 - 000002362 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-08 21:24 - 2018-01-18 14:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2021-02-08 20:02 - 2020-08-01 01:43 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 20:02 - 2020-08-01 01:43 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-07 11:22 - 2018-01-18 16:56 - 000000000 ___RD C:\Users\Petr\Documents\PRÁCE
2021-02-05 20:32 - 2020-08-01 01:43 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 20:32 - 2020-08-01 01:43 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2021-01-22 16:00 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-22 16:00 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2020-06-07 12:35 - 2020-06-07 12:35 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[pedro3]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Petr (03-03-2021 20:14:55)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-08-01 00:45:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2666772695-2080173217-3410975055-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2666772695-2080173217-3410975055-503 - Limited - Disabled)
Guest (S-1-5-21-2666772695-2080173217-3410975055-501 - Limited - Disabled)
Petr (S-1-5-21-2666772695-2080173217-3410975055-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-2666772695-2080173217-3410975055-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
ArchiCAD 18 CZE (HKLM\...\001FFF2FFF18FF00FF1101F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
ARCHICAD 20 CZE (HKLM\...\001FFF2FFF20FF00FF1101F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
AutoCAD 2016 – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 – Čeština (Czech) (HKLM\...\AutoCAD 2016 – Čeština (Czech)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.1.8016.151 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CodeMeter Runtime Kit v5.22a (HKLM\...\{8D299F2C-A3C8-49A5-A726-E885AB397243}) (Version: 5.22.1508.501 - WIBU-SYSTEMS AG)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
GOM Audio (HKLM-x32\...\GOMAudio) (Version: 2.2.10.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.28.5286 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF20FF00FF2801F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5069 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20448 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenVPN 2.5.0-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}) (Version: 2.5.019 - OpenVPN, Inc.)
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
PDF24 Creator 9.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFsam Basic (HKLM-x32\...\{96ABFF50-88F5-426E-96CC-80C98F198C4D}) (Version: 3.0.20.0 - Andrea Vacondio)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Systém barev RAL 18 CZE (HKLM\...\076FFF2FFF18FF00FF1101F01F02F000-R1) (Version: 18.0 - Graphisoft)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TZB modelár AC18 CZE (HKLM\...\042FFF2FFF18FF00FF1101F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.200 - McAfee, LLC)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.20 of 2013-Dec-18 (Build 1230) (Setup) - WIBU-SYSTEMS AG)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-02-28] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Petr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Petr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\sharepoint.com -> hxxps://topinfocz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-07 22:24 - 000001021 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_71CC2D879D90A4421B4B4F9DA4C4E9B4"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D608B95B-046D-4E61-A897-95132808A597}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [TCP Query User{516B6CCA-2EFB-4771-9E1F-CE1DEA6261D9}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{E04CB1E1-C04F-4B37-8433-9139A55CC8BF}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{63140ACC-200B-4C54-8BB8-514C7B5ACEAF}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{13A3C753-C645-48BC-A1BF-2DB0C365C5AE}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A055AA06-EC29-49F3-A167-C34F86D95F80}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{E265CFCF-5CE4-447F-BB97-AB6B1470561C}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{045F4CD3-DC73-4501-B0D3-1653C27323E6}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe () [File not signed]
FirewallRules: [{18ADC1A6-C19B-4917-BA48-ADCDAD41AF6E}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BF12FE2E-F9E0-4239-B898-CDEDACC52711}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2EAF7A97-2EC2-4BD8-B34B-209790ADC1BC}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{413152FE-E84E-41E0-AB9F-DC64216B0CA0}] => (Allow) c:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{CBCFC6D7-2CF3-44B9-81CE-BA4E668304B4}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [UDP Query User{CEB2C75C-0EC3-4192-9494-AEF611CE984C}C:\program files\graphisoft\archicad 20\overwatchserver.exe] => (Block) C:\program files\graphisoft\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{2F493DC4-3AB0-4E36-B519-8CCBF4A85FFD}C:\program files\graphisoft\archicad 20\overwatchserver.exe] => (Block) C:\program files\graphisoft\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [UDP Query User{BF772B3F-5EF0-406F-87B1-0F09C3B62B01}C:\program files\graphisoft\archicad 20\archicad.exe] => (Block) C:\program files\graphisoft\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{D21712F7-3914-4281-8339-3C7141E9A726}C:\program files\graphisoft\archicad 20\archicad.exe] => (Block) C:\program files\graphisoft\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{8976ED64-3497-4B7B-80AF-61B4FCF0D4E0}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EC987158-370D-4CE0-911A-622AE5F3094C}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EA515CD3-AE03-4A62-96A9-8209A4183742}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B79B6654-A960-4CBA-86EE-855E12DA0E6B}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{D9B1EEC9-BF4E-4344-BE96-DE5E0A97A643}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2F571EA1-2A85-48E5-B6F3-7A7F6626DF28}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe () [File not signed]
FirewallRules: [{DA66DACC-84B6-4762-95E9-AE2F3629DA11}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F4BA3270-02E8-4FF1-9424-F7E2A5283BBB}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{235C8D2C-6FD5-4BB3-8F5A-0604869F330D}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BC00BEE3-C794-4B3D-873B-4C21C092A4BC}] => (Allow) c:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{16D882FC-B473-440C-AC97-97CFB60CFE17}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [UDP Query User{AEDB2C6E-22CA-45B0-BBA0-D51FAC062282}C:\program files\txgameassistant\appmarket\gf186\tupdate.exe] => (Allow) C:\program files\txgameassistant\appmarket\gf186\tupdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{2CA594D1-828B-478A-84A2-AA25F59C0C92}C:\program files\txgameassistant\appmarket\gf186\tupdate.exe] => (Allow) C:\program files\txgameassistant\appmarket\gf186\tupdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [UDP Query User{0D97E9EA-3B49-4118-980F-6E66F666E7B4}C:\program files\txgameassistant\appmarket\gamedownload.exe] => (Allow) C:\program files\txgameassistant\appmarket\gamedownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{46AA77E9-C391-45D1-935E-38F62CF110CE}C:\program files\txgameassistant\appmarket\gamedownload.exe] => (Allow) C:\program files\txgameassistant\appmarket\gamedownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F1699D9E-7EBA-4161-9DCD-F46C91BA4AED}] => (Allow) C:\Users\Petr\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F26EFAEF-19DA-43C5-B692-3BAD263501DB}] => (Allow) C:\Users\Petr\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{B4560749-9C48-444E-84A2-665ECE3CB409}] => (Allow) C:\Users\Petr\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{1F482815-DC61-4BC5-9ED1-67DDCDEA1138}] => (Allow) C:\Users\Petr\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{AF6DB9AC-2344-4F99-8079-E4E6D7E680F3}] => (Allow) C:\Users\Petr\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F0DFBB17-044B-47E2-88D9-573E25A36C44}] => (Allow) C:\Users\Petr\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [UDP Query User{2A66E55B-5BB6-4D54-BB7D-3D0D55FCC009}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{CCE20E32-3DD7-482D-AED0-F6A40D9DCE44}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BBB651EE-612F-4E9D-9872-BE8C07BA8242}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E7601DA-F123-449D-9DCE-A0216AD86EBA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{688AC20A-951B-496A-8569-9B3FAF662CA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9EE685F-A1AF-4120-BC08-164A4AC1A73E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D617C6A1-7648-433E-9046-1210997DE532}C:\program files\txgameassistant\ui\androidemulator.exe] => (Allow) C:\program files\txgameassistant\ui\androidemulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [TCP Query User{7E96EBE1-42DB-4C60-BFC6-B519F1D16C60}C:\program files\txgameassistant\ui\androidemulator.exe] => (Allow) C:\program files\txgameassistant\ui\androidemulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{12197108-453A-4316-A886-ABC7B5E167DD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{FED559A5-5117-4D97-A925-DBF0BD2CFD3A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [TCP Query User{09432BA8-F503-4C79-BC41-77B41A219D91}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{91014E6B-AC4E-4DAD-A655-5F8DA63C703C}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{3F6B98EF-2232-4FB3-AE8F-B38BCC18334F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9537CD-948A-4236-AAB3-DA57B0BF3C78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01727329-992A-48CB-BA4A-069BAB0A49D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D645E28-1F79-40A1-B4D8-0F7CF42CD275}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90E90AA4-0627-4697-88C7-4FFD4C89510E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2B37E93-EF31-4EAA-A7BB-3DD6DB0E6315}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F1206A0D-AF5C-49CF-B4FE-F48E8B637160}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

14-02-2021 20:21:18 Instalační služba modulů systému Windows
17-02-2021 23:56:30 Instalační služba modulů systému Windows
02-03-2021 23:07:59 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2021 08:11:04 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/02/2021 11:31:24 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/14/2021 10:28:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/14/2021 10:28:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/14/2021 09:31:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/14/2021 09:31:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/07/2021 08:30:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/07/2021 08:30:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/03/2021 08:04:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f080a): 2021-02 Kumulativní aktualizace pro Windows 10 Version 2004 pro systémy typu x64 (KB4601319).

Error: (03/03/2021 07:50:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (03/03/2021 07:48:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (03/03/2021 07:44:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PDF24 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/03/2021 07:44:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby PDF24 bylo dosaženo časového limitu (45000 ms).

Error: (03/03/2021 07:44:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba FontCache3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/03/2021 07:44:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (45000 ms).

Error: (03/03/2021 07:44:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Autodesk Content Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===============
Date: 2021-03-03 20:16:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-03-03 20:15:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 71CN45WW(V1.18) 05/10/2013
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 63%
Total physical RAM: 8047.52 MB
Available physical RAM: 2936.14 MB
Total Virtual: 9327.52 MB
Available Virtual: 3123.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:882.97 GB) (Free:739.17 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.05 GB) NTFS
Drive f: (S4B) (CDROM) (Total:3.26 GB) (Free:0 GB) UDF

\\?\Volume{9a72101c-2e0b-4b05-94b1-8900bf4319d2}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{fd5dc8ca-14c5-4290-bb74-0e1f2f2dee34}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{a5afebc2-8fac-4d98-9504-6825d6a9156c}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{801ee0c6-b96d-4acf-bae6-99bbf9bda214}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{d9023602-cbe1-4420-88b9-13c7c88178de}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:7.05 GB) NTFS
\\?\Volume{26d334ab-c081-45a2-bc51-c45cdc7297d5}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 96B307D0)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[pedro3]

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-03-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Petr\AppData\Local\Tencent
Deleted C:\Users\Petr\AppData\Roaming\Tencent
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4108 octets] - [03/03/2021 21:21:13]
AdwCleaner[C00].txt - [3969 octets] - [03/03/2021 21:21:45]
AdwCleaner[S01].txt - [1527 octets] - [03/03/2021 21:24:20]
AdwCleaner[S02].txt - [1797 octets] - [03/03/2021 21:34:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

[Rudy]

Dejte nové logy FRST+Addition.

[pedro3]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Petr (03-03-2021 21:53:30)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 2004 19041.685 (X64) (2020-08-01 00:45:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2666772695-2080173217-3410975055-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2666772695-2080173217-3410975055-503 - Limited - Disabled)
Guest (S-1-5-21-2666772695-2080173217-3410975055-501 - Limited - Disabled)
Petr (S-1-5-21-2666772695-2080173217-3410975055-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-2666772695-2080173217-3410975055-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Adobe Reader XI (11.0.20) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
ArchiCAD 18 CZE (HKLM\...\001FFF2FFF18FF00FF1101F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
ARCHICAD 20 CZE (HKLM\...\001FFF2FFF20FF00FF1101F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
AutoCAD 2016 – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk AutoCAD 2016 – Čeština (Czech) (HKLM\...\AutoCAD 2016 – Čeština (Czech)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.2.8118.183 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CodeMeter Runtime Kit v5.22a (HKLM\...\{8D299F2C-A3C8-49A5-A726-E885AB397243}) (Version: 5.22.1508.501 - WIBU-SYSTEMS AG)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
ffdshow x64 v1.3.4531 [2014-06-28] (HKLM\...\ffdshow64_is1) (Version: 1.3.4531.0 - )
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
GOM Audio (HKLM-x32\...\GOMAudio) (Version: 2.2.10.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.28.5286 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF20FF00FF2801F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5069 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Microsoft 365 Apps pro firmy - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20448 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
OpenVPN 2.5.0-I601 amd64 (HKLM\...\{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}) (Version: 2.5.019 - OpenVPN, Inc.)
Ovládací panel NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
PDF24 Creator 9.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFsam Basic (HKLM-x32\...\{96ABFF50-88F5-426E-96CC-80C98F198C4D}) (Version: 3.0.20.0 - Andrea Vacondio)
PUBG LITE (HKLM-x32\...\PUBG LITE_is1) (Version: 1.0.1.0 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
SketchUp 2018 (HKLM\...\{C702DD60-EBF4-4961-8B7D-F209B361F985}) (Version: 18.0.16975 - Trimble, Inc.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Systém barev RAL 18 CZE (HKLM\...\076FFF2FFF18FF00FF1101F01F02F000-R1) (Version: 18.0 - Graphisoft)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TZB modelár AC18 CZE (HKLM\...\042FFF2FFF18FF00FF1101F01F02F000-R1) (Version: 18.0 - GRAPHISOFT)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.200 - McAfee, LLC)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.20 of 2013-Dec-18 (Build 1230) (Setup) - WIBU-SYSTEMS AG)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-02-28] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Petr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Petr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\sharepoint.com -> hxxps://topinfocz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-07 22:24 - 000001021 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "CodeMeter Control Center.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_71CC2D879D90A4421B4B4F9DA4C4E9B4"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D608B95B-046D-4E61-A897-95132808A597}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [TCP Query User{516B6CCA-2EFB-4771-9E1F-CE1DEA6261D9}C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) C:\program files (x86)\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe (PUBG CORPORATION -> PUBG Works)
FirewallRules: [{E04CB1E1-C04F-4B37-8433-9139A55CC8BF}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{63140ACC-200B-4C54-8BB8-514C7B5ACEAF}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{13A3C753-C645-48BC-A1BF-2DB0C365C5AE}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{A055AA06-EC29-49F3-A167-C34F86D95F80}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{E265CFCF-5CE4-447F-BB97-AB6B1470561C}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{045F4CD3-DC73-4501-B0D3-1653C27323E6}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{18ADC1A6-C19B-4917-BA48-ADCDAD41AF6E}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{BF12FE2E-F9E0-4239-B898-CDEDACC52711}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{2EAF7A97-2EC2-4BD8-B34B-209790ADC1BC}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{413152FE-E84E-41E0-AB9F-DC64216B0CA0}] => (Allow) c:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{CBCFC6D7-2CF3-44B9-81CE-BA4E668304B4}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [UDP Query User{CEB2C75C-0EC3-4192-9494-AEF611CE984C}C:\program files\graphisoft\archicad 20\overwatchserver.exe] => (Block) C:\program files\graphisoft\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{2F493DC4-3AB0-4E36-B519-8CCBF4A85FFD}C:\program files\graphisoft\archicad 20\overwatchserver.exe] => (Block) C:\program files\graphisoft\archicad 20\overwatchserver.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [UDP Query User{BF772B3F-5EF0-406F-87B1-0F09C3B62B01}C:\program files\graphisoft\archicad 20\archicad.exe] => (Block) C:\program files\graphisoft\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [TCP Query User{D21712F7-3914-4281-8339-3C7141E9A726}C:\program files\graphisoft\archicad 20\archicad.exe] => (Block) C:\program files\graphisoft\archicad 20\archicad.exe (GRAPHISOFT SE) [File not signed]
FirewallRules: [{8976ED64-3497-4B7B-80AF-61B4FCF0D4E0}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EC987158-370D-4CE0-911A-622AE5F3094C}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EA515CD3-AE03-4A62-96A9-8209A4183742}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B79B6654-A960-4CBA-86EE-855E12DA0E6B}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{D9B1EEC9-BF4E-4344-BE96-DE5E0A97A643}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2F571EA1-2A85-48E5-B6F3-7A7F6626DF28}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DA66DACC-84B6-4762-95E9-AE2F3629DA11}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F4BA3270-02E8-4FF1-9424-F7E2A5283BBB}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{235C8D2C-6FD5-4BB3-8F5A-0604869F330D}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BC00BEE3-C794-4B3D-873B-4C21C092A4BC}] => (Allow) c:\program files\txgameassistant\ui\adb.exe () [File not signed]
FirewallRules: [{16D882FC-B473-440C-AC97-97CFB60CFE17}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [UDP Query User{2A66E55B-5BB6-4D54-BB7D-3D0D55FCC009}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{CCE20E32-3DD7-482D-AED0-F6A40D9DCE44}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{BBB651EE-612F-4E9D-9872-BE8C07BA8242}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E7601DA-F123-449D-9DCE-A0216AD86EBA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{688AC20A-951B-496A-8569-9B3FAF662CA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9EE685F-A1AF-4120-BC08-164A4AC1A73E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{12197108-453A-4316-A886-ABC7B5E167DD}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{FED559A5-5117-4D97-A925-DBF0BD2CFD3A}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [TCP Query User{09432BA8-F503-4C79-BC41-77B41A219D91}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{91014E6B-AC4E-4DAD-A655-5F8DA63C703C}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{3F6B98EF-2232-4FB3-AE8F-B38BCC18334F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F9537CD-948A-4236-AAB3-DA57B0BF3C78}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01727329-992A-48CB-BA4A-069BAB0A49D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D645E28-1F79-40A1-B4D8-0F7CF42CD275}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90E90AA4-0627-4697-88C7-4FFD4C89510E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69137AEA-96D0-461F-8C36-43C205752331}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6649AEE4-A576-4E60-AC26-F808CB994739}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

14-02-2021 20:21:18 Instalační služba modulů systému Windows
17-02-2021 23:56:30 Instalační služba modulů systému Windows
02-03-2021 23:07:59 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/03/2021 08:11:04 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/02/2021 11:31:24 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/14/2021 10:28:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/14/2021 10:28:52 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/14/2021 09:31:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/14/2021 09:31:51 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/07/2021 08:30:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/07/2021 08:30:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/03/2021 09:36:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Autodesk Application Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/03/2021 09:36:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CodeMeter Runtime Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/03/2021 09:36:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/03/2021 09:36:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/03/2021 09:36:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/03/2021 09:36:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restartovat službu.

Error: (03/03/2021 09:35:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/03/2021 09:35:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2021-03-03 21:55:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 71CN45WW(V1.18) 05/10/2013
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 63%
Total physical RAM: 8047.52 MB
Available physical RAM: 2956.54 MB
Total Virtual: 9327.52 MB
Available Virtual: 3526.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:882.97 GB) (Free:739.42 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.05 GB) NTFS
Drive f: (S4B) (CDROM) (Total:3.26 GB) (Free:0 GB) UDF

\\?\Volume{9a72101c-2e0b-4b05-94b1-8900bf4319d2}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{fd5dc8ca-14c5-4290-bb74-0e1f2f2dee34}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{a5afebc2-8fac-4d98-9504-6825d6a9156c}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{801ee0c6-b96d-4acf-bae6-99bbf9bda214}\ () (Fixed) (Total:0.44 GB) (Free:0.14 GB) NTFS
\\?\Volume{d9023602-cbe1-4420-88b9-13c7c88178de}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:7.05 GB) NTFS
\\?\Volume{26d334ab-c081-45a2-bc51-c45cdc7297d5}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 96B307D0)

Partition: GPT.

==================== End of Addition.txt =======================

[pedro3]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Petr (administrator) on SKALA-NTB (LENOVO 20202) (03-03-2021 21:50:33)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Windows 10 Home Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk, Inc -> Autodesk Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-23] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\Run: [AvastBrowserAutoLaunch_71CC2D879D90A4421B4B4F9DA4C4E9B4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-17] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [755296 2020-10-28] (OpenVPN Inc. -> )
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\Policies\Explorer: []
HKLM\...\Windows x64\Print Processors\hpippdga: C:\Windows\System32\spool\prtprocs\x64\hpippdga.dll [742400 2017-11-02] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\...\Print\Monitors\ricu03lm: C:\WINDOWS\system32\ricu03lm.dll [28160 2013-12-27] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-03-03] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.2.8118.183\Installer\chrmstp.exe [2021-03-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2018-06-18]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2018-01-18]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20A0D3F4-84D5-4AF9-90C1-930E9481575D} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2FD59CB1-27C8-4EFA-909A-0ED9206E8669} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-28] (Avast Software s.r.o. -> AVAST Software)
Task: {3B15A896-887D-4B22-A4E4-1BD76F147EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-18] (Google Inc -> Google Inc.)
Task: {4364EE1A-DE4F-4245-B4B0-582C92702ACE} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {49CCD4A4-AED8-423B-952B-14C9EA168BB0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {529A5D17-8FBD-4EBD-A24B-C263104D4BAC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142152 2021-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {54AB14DC-3DBE-43E6-B4D8-EB8D31F77DC4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591160 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65352AFD-D9CC-4F9E-BE3B-81D9D6FDA952} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-24] (Avast Software s.r.o. -> Avast Software)
Task: {67BAE3C2-6823-42C4-9494-15FD9ED04EA9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9078CA96-4145-43C7-978D-A5C34B63B7E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-18] (Google Inc -> Google Inc.)
Task: {951E2BCC-46B9-460C-BB20-6EE89D5B598C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-17] (Avast Software s.r.o. -> AVAST Software)
Task: {9612F4DD-1E67-41D8-840E-F1A84DABE530} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B25CF637-ED07-4839-B702-D6D57A591B45} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498496 2021-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEA7D5EE-98DD-41F6-9906-B95DE8FE094E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877368 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C780960A-53D5-4FBA-AA40-6CFBBA4FAE45} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
Task: {CACEB36F-489B-413A-AD2B-3BFF174BE444} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF42DF92-1D6C-4ED3-BB15-BB0BC8393495} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1BA486D-482B-449B-9602-FB9D6F8647C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7555103-857B-4A52-B6F4-A0C34DDF1477} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142152 2021-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8C2EB83-3EA2-4450-9453-B7C3D510BF1E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E4175789-A1F2-44C3-B48F-4E5DC49F313A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849720 2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E5573574-E89C-4E81-B664-B57BA17FB4DE} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-28] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{704d82da-41f2-45c0-ad4a-820421d53560}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{75048510-45FC-475C-828E-1FEB257B40EE}: [DhcpNameServer] 192.168.1.156
Tcpip\..\Interfaces\{80e476ab-2252-41af-ac0d-ca53f62449a0}: [DhcpNameServer] 172.21.3.125
Tcpip\..\Interfaces\{b0aea4ba-6226-4076-96e0-436e18211db0}: [NameServer] 192.168.1.156
Tcpip\..\Interfaces\{bacf0bce-5bba-48f8-8663-48468b16b344}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-01]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-02-12] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-28] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2021-03-03]
CHR Notifications: Default -> hxxps://cz.depositphotos.com; hxxps://cz.pinterest.com; hxxps://daya.cz; hxxps://dran.webnoviny.sk; hxxps://eshop.tescoma.cz; hxxps://www.footshop.cz; hxxps://www.g2a.com; hxxps://www.sevt.cz
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Duolingo on the Web) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-01-18]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-18]
CHR Extension: (Adblock na Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-10]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-03]
CHR Extension: (Morpheon Dark) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2018-11-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-23]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-03]
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk, Inc -> Autodesk Inc.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-03-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8044056 2021-03-03] (Avast Software s.r.o. -> AVAST Software)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-28] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.2.8118.183\elevation_service.exe [1456376 2021-02-17] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74336 2020-10-28] (OpenVPN Inc. -> The OpenVPN Project)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-23] (Geek Software GmbH -> Geek Software GmbH)
S2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [148840 2019-09-25] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2019-12-28] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aow_drv; C:\Program Files\TxGameAssistant\UI\2.0.12832.123\aow_drv_x64_ev.sys [863616 2019-09-27] (Tencent Technology (Shenzhen) Company Limited -> Tencent)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-01-03] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tap0901_zyxel; C:\WINDOWS\System32\drivers\tap0901_zyxel.sys [58792 2018-09-04] (Zyxel Communications Corporation -> The OpenVPN Project)
S3 tesrsdt; C:\WINDOWS\system32\drivers\tesrsdt.sys [442128 2019-09-19] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\WINDOWS\system32\TesSafe.sys [555064 2019-10-09] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [106760 2013-12-18] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-01-03] (WireGuard LLC -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2021-01-01] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-03 21:37 - 2021-03-03 21:37 - 000001932 _____ C:\Users\Petr\Desktop\AdwCleaner[C02].txt
2021-03-03 21:33 - 2021-03-03 21:33 - 008463216 _____ (Malwarebytes) C:\Users\Petr\Downloads\AdwCleaner.exe
2021-03-03 21:33 - 2021-03-03 21:33 - 008463216 _____ (Malwarebytes) C:\Users\Petr\Desktop\AdwCleaner.exe
2021-03-03 21:22 - 2021-03-03 21:22 - 000003969 _____ C:\Users\Petr\Desktop\AdwCleaner[C00].txt
2021-03-03 21:19 - 2021-03-03 21:19 - 008463216 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_8.1.exe
2021-03-03 20:14 - 2021-03-03 20:21 - 000040454 _____ C:\Users\Petr\Desktop\Addition.txt
2021-03-03 20:09 - 2021-03-03 21:52 - 000023608 _____ C:\Users\Petr\Desktop\FRST.txt
2021-03-03 20:05 - 2021-03-03 20:05 - 002301440 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2021-03-03 20:05 - 2021-03-03 20:05 - 002301440 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2021-03-02 23:17 - 2021-03-02 23:17 - 000000000 ____D C:\Users\Petr\Desktop\prilohy_28577
2021-03-02 23:16 - 2021-03-02 23:16 - 002041327 _____ C:\Users\Petr\Downloads\prilohy_28577.zip
2021-02-24 21:25 - 2021-02-24 21:29 - 1224928740 _____ C:\Users\Petr\Downloads\Zrození hrdiny-(Válečný-Historický)CZ dab.2016(csfd 84%).avi
2021-02-24 20:08 - 2021-02-24 20:08 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-24 20:08 - 2021-02-24 20:07 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-01 21:08 - 2021-02-01 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2021-02-01 21:08 - 2021-02-01 21:08 - 000000000 ____D C:\Program Files\ffdshow

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-03 21:51 - 2018-01-18 20:10 - 000000000 ____D C:\FRST
2021-03-03 21:36 - 2018-01-18 14:55 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-03 21:31 - 2018-01-18 17:45 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-03 21:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-03 21:28 - 2018-01-18 15:01 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2021-03-03 21:27 - 2020-08-01 01:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-03 21:27 - 2020-08-01 01:01 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-03 21:26 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-03 21:21 - 2018-01-18 19:04 - 000000000 ____D C:\AdwCleaner
2021-03-03 20:25 - 2020-08-01 01:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-03 20:23 - 2018-08-28 14:48 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-03 20:23 - 2018-01-18 16:36 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-03 20:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-03 20:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-03 20:03 - 2020-07-25 22:55 - 000000000 ___HD C:\$WinREAgent
2021-03-02 23:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-02 23:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-02 23:19 - 2020-06-06 09:32 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-02 23:03 - 2021-01-22 16:00 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-02 22:54 - 2020-08-01 01:06 - 000000000 ____D C:\Users\Petr
2021-02-25 21:54 - 2018-01-18 14:44 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2021-02-24 21:02 - 2018-01-18 18:02 - 000000000 ____D C:\Users\Petr\Graphisoft
2021-02-24 20:23 - 2018-01-18 15:03 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2021-02-24 20:09 - 2020-10-13 20:22 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-24 20:09 - 2020-08-01 01:43 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-24 20:09 - 2018-01-18 17:47 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-24 20:08 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-24 20:08 - 2019-01-06 10:45 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-24 20:08 - 2019-01-06 10:45 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-24 20:08 - 2018-01-18 17:47 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-24 20:08 - 2018-01-18 17:47 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-24 20:08 - 2018-01-18 17:47 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-24 20:07 - 2020-04-14 19:32 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-24 20:07 - 2019-01-15 22:16 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-24 20:07 - 2019-01-06 10:45 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-24 20:07 - 2018-10-10 20:12 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-24 20:07 - 2018-01-18 17:47 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-24 20:07 - 2018-01-18 17:47 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-22 00:50 - 2019-01-22 22:21 - 000000000 ____D C:\Users\Petr\Desktop\byt
2021-02-21 22:57 - 2018-01-18 16:10 - 000000000 ____D C:\Program Files\Microsoft Office
2021-02-18 00:44 - 2018-01-18 17:04 - 000000000 ___RD C:\Users\Petr\Documents\OSTATNÍ
2021-02-12 21:20 - 2018-01-18 15:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 21:14 - 2018-01-18 15:12 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 21:24 - 2020-08-01 01:43 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2666772695-2080173217-3410975055-1001
2021-02-08 21:24 - 2020-08-01 01:06 - 000002362 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-08 21:24 - 2018-01-18 14:45 - 000000000 ___RD C:\Users\Petr\OneDrive
2021-02-08 20:02 - 2020-08-01 01:43 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 20:02 - 2020-08-01 01:43 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-07 11:22 - 2018-01-18 16:56 - 000000000 ___RD C:\Users\Petr\Documents\PRÁCE
2021-02-05 20:32 - 2020-08-01 01:43 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 20:32 - 2020-08-01 01:43 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2021-01-22 16:00 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-22 16:00 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2020-06-07 12:35 - 2020-06-07 12:35 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3B15A896-887D-4B22-A4E4-1BD76F147EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-18] (Google Inc -> Google Inc.)
Task: {9078CA96-4145-43C7-978D-A5C34B63B7E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-18] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Petr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Petr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{8976ED64-3497-4B7B-80AF-61B4FCF0D4E0}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EC987158-370D-4CE0-911A-622AE5F3094C}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EA515CD3-AE03-4A62-96A9-8209A4183742}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B79B6654-A960-4CBA-86EE-855E12DA0E6B}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{D9B1EEC9-BF4E-4344-BE96-DE5E0A97A643}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2F571EA1-2A85-48E5-B6F3-7A7F6626DF28}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DA66DACC-84B6-4762-95E9-AE2F3629DA11}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F4BA3270-02E8-4FF1-9424-F7E2A5283BBB}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{235C8D2C-6FD5-4BB3-8F5A-0604869F330D}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{16D882FC-B473-440C-AC97-97CFB60CFE17}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[pedro3]

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Petr (04-03-2021 17:34:36) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\...\Policies\Explorer: []
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3B15A896-887D-4B22-A4E4-1BD76F147EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-18] (Google Inc -> Google Inc.)
Task: {9078CA96-4145-43C7-978D-A5C34B63B7E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-18] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
AlternateDataStreams: C:\Users\Petr\Data aplikací:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
AlternateDataStreams: C:\Users\Petr\AppData\Roaming:fbd50e2f7662a5c33287ddc6e65ab5a1 [394]
FirewallRules: [{8976ED64-3497-4B7B-80AF-61B4FCF0D4E0}] => (Allow) c:\program files\txgameassistant\appmarket\GF186\TUpdate.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EC987158-370D-4CE0-911A-622AE5F3094C}] => (Allow) c:\program files\txgameassistant\appmarket\GameDownload.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{EA515CD3-AE03-4A62-96A9-8209A4183742}] => (Allow) c:\program files\txgameassistant\appmarket\QQExternal.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B79B6654-A960-4CBA-86EE-855E12DA0E6B}] => (Allow) c:\program files\txgameassistant\appmarket\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> 腾讯公司)
FirewallRules: [{D9B1EEC9-BF4E-4344-BE96-DE5E0A97A643}] => (Allow) c:\program files\txgameassistant\appmarket\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{2F571EA1-2A85-48E5-B6F3-7A7F6626DF28}] => (Allow) c:\program files\txgameassistant\appmarket\AppMarket.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{DA66DACC-84B6-4762-95E9-AE2F3629DA11}] => (Allow) c:\program files\txgameassistant\ui\TxGaDcc.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{F4BA3270-02E8-4FF1-9424-F7E2A5283BBB}] => (Allow) c:\program files\txgameassistant\ui\bugreport.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)
FirewallRules: [{235C8D2C-6FD5-4BB3-8F5A-0604869F330D}] => (Allow) c:\program files\txgameassistant\ui\TInst.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{16D882FC-B473-440C-AC97-97CFB60CFE17}] => (Allow) c:\program files\txgameassistant\ui\AndroidEmulator.exe (Tencent Technology(Shenzhen) Company Limited -> Tencent)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-2666772695-2080173217-3410975055-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3B15A896-887D-4B22-A4E4-1BD76F147EE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B15A896-887D-4B22-A4E4-1BD76F147EE7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9078CA96-4145-43C7-978D-A5C34B63B7E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9078CA96-4145-43C7-978D-A5C34B63B7E4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully
C:\Users\Petr\Data aplikací => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS removed successfully
"C:\Users\Petr\AppData\Roaming" => ":fbd50e2f7662a5c33287ddc6e65ab5a1" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8976ED64-3497-4B7B-80AF-61B4FCF0D4E0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC987158-370D-4CE0-911A-622AE5F3094C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA515CD3-AE03-4A62-96A9-8209A4183742}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B79B6654-A960-4CBA-86EE-855E12DA0E6B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9B1EEC9-BF4E-4344-BE96-DE5E0A97A643}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2F571EA1-2A85-48E5-B6F3-7A7F6626DF28}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA66DACC-84B6-4762-95E9-AE2F3629DA11}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F4BA3270-02E8-4FF1-9424-F7E2A5283BBB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{235C8D2C-6FD5-4BB3-8F5A-0604869F330D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{16D882FC-B473-440C-AC97-97CFB60CFE17}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61498409 B
Java, Flash, Steam htmlcache => 510 B
Windows/system/drivers => 5690984 B
Edge => 46080 B
Chrome => 481906546 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 173084 B
NetworkService => 173084 B
Petr => 280640594 B

RecycleBin => 11915572854 B
EmptyTemp: => 11.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-03-2021 17:41:59)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 17:41:59 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[pedro3]

Dobrý večer,
disk jede pořád z nějakého důvodu na 99%.

[Rudy]

Který proces ho zatěžuje (zjistíte ve správci úloh)?

[pedro3]

Dobrý den, zasílám v příloze.

[Rudy]

Na zkoušku vypněte antivir a winupdate. Pak se přesvědčte, zda zatížení pokleslo.

[pedro3]

Dobrý den, zkusil jsem vypnout a bohužel se nic nestalo, disk jede pořád na 100 %.