Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola - pomalý start NB

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
nsocinka
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 22 bře 2006 16:05

Preventivní kontrola - pomalý start NB

#1 Příspěvek od nsocinka »

Hezký den,
prosím o kontrolu. Jde o starší notebook a má dost pomalý start. Nevím, jestli je to stářím nebo nějakým problémem :) Moc děkuji.


==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PianoMarvel] => C:\Program Files (x86)\Piano Marvel Plugin\PianoMarvelPlugin.exe [239416 2019-01-10] (Piano Marvel LLC -> )
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [8042B1555E134D5A037857CEF4310F7C48E69942._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\Windows\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\Windows\system32\hpinkstsEE11LM.dll [383496 2015-08-31] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7977.151\Installer\chrmstp.exe [2021-02-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-02-11]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PianoMarvelPlugin.lnk [2020-10-16]
ShortcutTarget: PianoMarvelPlugin.lnk -> C:\Program Files (x86)\Piano Marvel Plugin\PianoMarvelPlugin.exe (Piano Marvel LLC -> )
Startup: C:\Users\havla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-23]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1F3D7311-0C80-4D64-BFB6-9E4F08BE7742} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5493472 2021-02-08] (Avast Software s.r.o. -> Avast Software)
Task: {318E4EF7-E5F4-45E5-9C9F-E3712B79DCE8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {33447EBD-E01E-4CB1-ACCC-1D9B2422E97D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4C75A839-92F5-4680-B295-01925D613E16} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {5376FE1E-7EE1-45F1-84F8-B18D9E27F3E0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {5D6625DA-E61C-432C-AFDC-27046525EF0A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-05] (Avast Software s.r.o. -> AVAST Software)
Task: {81D429B3-C4FD-4089-AC20-669576F3242B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
Task: {8CE49175-16A7-409C-8D8E-BC05E2A077D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {910C86CD-7756-4A31-AF47-2BB665F10E2A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {95924C31-2E07-4510-8575-1B221907E9CB} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-25] (ASUS) [File not signed]
Task: {9A05F3E6-4AFA-49D4-AE73-1F91E4EFFA6A} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {9B7DED00-BB67-4D3C-A0C6-4A5EEF5FAC79} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BE40E0C-C17E-4B5E-A41E-82F74696DADB} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
Task: {A527BA8F-1CC3-4929-A189-E5FB6CA29763} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5696603-DC39-4A2C-91A4-FD15FFD65737} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
Task: {CD13E723-E511-42B1-88F3-86D4764402CB} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4665568 2021-02-10] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 24756307-e8c4-4c72-b993-0a7d31abd242
Task: {D0C67E28-B92C-40E0-BF1F-3379210F554B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D59E5ECA-F8E1-460D-BA89-9105A1924198} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DBA0B6DE-7A10-44A2-B386-5AC5D147D411} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
Task: {E2A47A4E-9BD4-4EAD-BC7F-1FB7A500F256} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1191136 2021-02-10] (Avast Software s.r.o. -> AVAST Software)
Task: {E4EFC893-ED4B-43F0-AC3F-14722253DDAA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2823124483-3532812185-2156521902-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [1303800 2020-11-25] (Mega Limited -> Mega Limited)
Task: {E68BE96A-1296-444F-A647-0E6CAD298EAB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {E8E0A39F-FCA6-4E41-B396-EF96907AE596} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {EA347C87-E890-4F5D-8A79-4D5C43F8BAA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {F0A3BAAE-3560-482C-A91C-6B0D182BEAB6} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18416 2015-08-17] (ASUSTeK Computer Inc. -> AsusTek)
Task: {F0ABBFF1-C061-4D5B-B42A-5210F93D6CA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {F3F4D75D-27FA-451C-9E4B-79D3C17396D3} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {FC5EFFB2-6DEA-48BA-B0B8-0D84D92B7DF2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-05] (Avast Software s.r.o. -> AVAST Software)
Task: {FD870F55-23FB-4C30-A5C3-CD02B8D947F4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF60218C-BEB1-404D-B36D-2251986D36A3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{380787c8-25cb-4722-8af4-92e975f3a3bb}: [DhcpNameServer] 192.168.40.1
Tcpip\..\Interfaces\{9b179266-9634-467c-8196-0a24d80476da}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\havla\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-19]

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default [2021-02-19]
CHR Extension: (Prezentace) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-25]
CHR Extension: (Dokumenty) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-25]
CHR Extension: (Disk Google) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25]
CHR Extension: (Tabulky) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Stahujte videa na Facebooku) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgknmjhmcbimcpdmmfeafjbdccaheaeg [2020-11-30]
CHR Extension: (FormApps Extension) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-06-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7977.151\elevation_service.exe [1455312 2021-02-05] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [7936736 2021-02-10] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-10] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-10-09] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-19 15:37 - 2021-02-19 15:39 - 000021785 _____ C:\Users\havla\Desktop\FRST.txt
2021-02-19 15:36 - 2021-02-19 15:38 - 000000000 ____D C:\FRST
2021-02-19 15:36 - 2021-02-19 15:36 - 002298368 _____ (Farbar) C:\Users\havla\Desktop\FRST64.exe
2021-02-15 15:51 - 2021-02-15 15:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-15 15:51 - 2021-02-15 15:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-15 15:51 - 2021-02-15 15:51 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-15 15:51 - 2021-02-15 15:51 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-15 15:49 - 2021-02-15 15:49 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-19 15:34 - 2015-12-02 11:49 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-19 15:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-19 15:29 - 2018-05-23 06:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-19 15:29 - 2016-04-10 06:35 - 000000000 __SHD C:\Users\havla\IntelGraphicsProfiles
2021-02-19 15:28 - 2020-10-09 10:04 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-02-19 15:28 - 2020-10-09 10:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-19 15:28 - 2020-10-09 09:27 - 000345944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-19 15:28 - 2020-10-09 09:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-19 15:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-19 15:28 - 2018-05-23 06:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-19 15:27 - 2020-11-10 07:26 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-19 15:27 - 2020-10-09 10:04 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-19 15:27 - 2020-10-09 10:04 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-19 15:27 - 2020-10-09 10:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-19 15:27 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-19 14:56 - 2018-05-23 07:10 - 000000000 ____D C:\Users\havla\AppData\Local\Packages
2021-02-19 14:49 - 2020-06-22 16:36 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 14:49 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-19 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-19 14:49 - 2018-05-27 22:55 - 000000000 ____D C:\Users\havla\AppData\Roaming\MPC-HC
2021-02-19 14:48 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-19 14:48 - 2018-07-07 16:40 - 000000000 ____D C:\Users\havla\AppData\Local\CrashDumps
2021-02-19 14:42 - 2020-11-10 07:26 - 000000000 ____D C:\Program Files\CCleaner
2021-02-19 14:40 - 2020-10-09 10:04 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-19 12:11 - 2020-10-09 09:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-18 20:54 - 2018-05-25 21:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-18 20:54 - 2018-05-25 21:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-17 10:32 - 2018-08-24 17:54 - 000000000 ____D C:\Users\havla\AppData\Roaming\vlc
2021-02-17 10:30 - 2018-08-24 17:55 - 000000000 ____D C:\Users\havla\AppData\Roaming\dvdcss
2021-02-16 22:04 - 2020-10-09 09:35 - 000000000 ____D C:\Users\havla
2021-02-16 10:50 - 2020-10-09 09:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-16 10:50 - 2019-12-07 15:41 - 000719302 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-16 10:50 - 2019-12-07 15:41 - 000145428 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-16 10:40 - 2020-10-09 09:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-16 10:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-15 18:27 - 2015-08-15 06:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-15 16:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-15 03:47 - 2018-05-23 07:10 - 000000000 ____D C:\Users\havla\AppData\Local\ConnectedDevicesPlatform
2021-02-12 10:04 - 2018-05-24 14:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 10:01 - 2018-05-24 14:48 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-11 12:45 - 2019-08-25 19:16 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-08 11:56 - 2020-10-09 10:07 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-02-08 09:19 - 2020-10-09 10:04 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-08 09:19 - 2020-10-09 10:04 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-27 06:38 - 2020-09-24 19:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2020-05-12 15:16 - 2020-05-12 15:16 - 024166400 _____ () C:\Program Files (x86)\GUT69C4.tmp
2020-11-11 09:12 - 2020-11-11 12:18 - 000000220 _____ () C:\Users\havla\AppData\Roaming\debug.log
2018-05-23 07:11 - 2020-12-08 16:55 - 000000165 _____ () C:\Users\havla\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-02-2021 01
Ran by havla (19-02-2021 15:43:04)
Running from C:\Users\havla\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-10-09 09:05:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2823124483-3532812185-2156521902-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2823124483-3532812185-2156521902-503 - Limited - Disabled)
Guest (S-1-5-21-2823124483-3532812185-2156521902-501 - Limited - Disabled)
havla (S-1-5-21-2823124483-3532812185-2156521902-1001 - Administrator - Enabled) => C:\Users\havla
WDAGUtilityAccount (S-1-5-21-2823124483-3532812185-2156521902-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.105 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.0.7977.151 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.9.5357.1746 - Avast Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 18.500 (20180520_09) - Solitea Česká republika, a.s.)
FormApps Signing Extension (HKLM-x32\...\{35C42D1D-32DC-404F-8978-A30B0D64DD26}) (Version: 2.24.0.43 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
K-Lite Mega Codec Pack 13.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13628.20380 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
Piano Marvel Plugin (HKLM-x32\...\{2E93AADF-7381-47B1-B3F4-DC2C26CFA5B9}) (Version: 10.21.0 - Piano Marvel LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-11] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1109.0_x64__rz1tebttyb220 [2021-02-17] (Dolby Laboratories)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-05-25] (Flipboard)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{15B667E8-D3AA-42D0-A11E-A95AD95522DB} -> [MEGA] => D:\MEGA [2016-06-30 04:51]
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\havla\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\havla\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-16 21:27 - 2020-10-16 21:27 - 013053440 _____ () [File not signed] C:\ProgramData\MEGAsync\avcodec-58.dll
2020-10-16 21:27 - 2020-10-16 21:27 - 002290176 _____ () [File not signed] C:\ProgramData\MEGAsync\avformat-58.dll
2020-10-16 21:27 - 2020-10-16 21:27 - 000521728 _____ () [File not signed] C:\ProgramData\MEGAsync\avutil-56.dll
2017-09-10 20:08 - 2020-10-16 21:27 - 000065024 _____ () [File not signed] C:\ProgramData\MEGAsync\cares.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 000145408 _____ () [File not signed] C:\ProgramData\MEGAsync\swresample-3.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 000570880 _____ () [File not signed] C:\ProgramData\MEGAsync\swscale-5.dll
2020-04-29 12:00 - 2020-04-29 12:00 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2020-04-29 12:00 - 2020-04-29 12:00 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2018-04-02 18:21 - 2020-10-16 21:28 - 000295936 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\libcurl.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 002444288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\libcrypto-1_1.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 000504320 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\libssl-1_1.dll
2017-09-25 15:30 - 2020-10-16 21:27 - 005118072 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\ProgramData\MEGAsync\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2019-01-06 15:26 - 000000831 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havla\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\71184540_129637555055676_4837883791080947712_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "PianoMarvelPlugin.lnk"
HKLM\...\StartupApproved\Run32: => "PianoMarvel"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "8042B1555E134D5A037857CEF4310F7C48E69942._service_run"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DC0BAFB8-8E85-433E-8221-90B4B41F1981}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{896BD674-2EA6-45B6-83C8-2C1882454484}] => (Allow) LPort=5357
FirewallRules: [{82AC5D21-3BE4-4D6B-A5AA-D84C95C214AE}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{968E6F15-EF99-475D-ADD9-8366EF14EC1E}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{53CB37DE-CE75-4429-91E8-974AD4FB0D9E}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F6A2789-753F-4068-9F6F-7C08266D1458}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{96C77B0D-D4E3-4C20-A205-22316575631C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{067582D1-66E1-43B4-8E80-3218FD01AE59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A7C0897-E54A-4EE1-A7BB-1F4455A0BEC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4734C03-C981-4948-8869-F03F284D5A76}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FE05F14E-A4C8-4CF0-90B5-3C1F10B94AEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-02-2021 17:19:24 Naplánovaný kontrolní bod
12-02-2021 10:04:45 Instalační služba modulů systému Windows
15-02-2021 15:21:54 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/19/2021 03:32:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e28

Čas spuštění: 01d706cbda660517

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 065228f2-febb-4545-b5f0-48cabf810921

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: CortanaUI

Typ zablokování: Quiesce

Error: (02/17/2021 05:11:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/17/2021 05:11:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/15/2021 02:37:07 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/15/2021 02:34:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/14/2021 05:47:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.420.11102.0, časové razítko: 0x5faaa7cb
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xec58f015
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x2e54
Čas spuštění chybující aplikace: 0x01d702f0eddb0e07
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1d6a812a-a503-4255-97a7-84e34dc7c458
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (02/12/2021 03:33:48 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/12/2021 03:33:48 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (02/19/2021 03:28:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/19/2021 03:28:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).

Error: (02/19/2021 02:52:00 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-DL0DBIR)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (02/19/2021 02:36:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/19/2021 02:36:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (02/19/2021 02:35:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/19/2021 02:35:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).

Error: (02/19/2021 12:11:27 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}


CodeIntegrity:
===============
Date: 2021-02-19 15:46:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-19 15:35:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X555LF.504 08/04/2015
Motherboard: ASUSTeK COMPUTER INC. X555LF
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 47%
Total physical RAM: 8094.39 MB
Available physical RAM: 4211.81 MB
Total Virtual: 9374.39 MB
Available Virtual: 5519.1 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.77 GB) (Free:302.6 GB) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:56.94 GB) NTFS

\\?\Volume{33a3c012-6d96-4827-82e6-0d90c88d6290}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{47efe859-77c0-44ba-b28f-6c83bac1dfd4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C8F77A8E)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivní kontrola - pomalý start NB

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

nsocinka
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 22 bře 2006 16:05

Re: Preventivní kontrola - pomalý start NB

#3 Příspěvek od nsocinka »

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-22-2021
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 28
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Gramblr
Deleted C:\Users\havla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gramblr

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSDeviceActivation Folder C:\Program Files (x86)\ASUS\ASUS DEVICE ACTIVATION
Deleted Preinstalled.ASUSDeviceActivation Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}
Deleted Preinstalled.ASUSGiftBox Folder C:\ProgramData\ASUS\ASUS GIFTBOX DESKTOP
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C75A839-92F5-4680-B295-01925D613E16}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files (x86)\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{8D6B05E0-F457-408C-9D13-549334D8FAE1}
Deleted Preinstalled.ASUSSmartGesture Folder C:\Program Files (x86)\ASUS\ASUS SMART GESTURE
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0A3BAAE-3560-482C-A91C-6B0D182BEAB6}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Smart Gesture Launcher
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Classes\CLSID\{F31B5912-07D6-4895-B4BA-5486CF3B18B1}
Deleted Preinstalled.ASUSSmartGesture Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
Deleted Preinstalled.ASUSSmartGesture Task C:\Windows\System32\Tasks\ASUS SMART GESTURE LAUNCHER
Deleted Preinstalled.ASUSSplendid File C:\Users\havla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eye Care Switcher.Lnk
Deleted Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95924C31-2E07-4510-8575-1B221907E9CB}
Deleted Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Splendid ACMON
Deleted Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Deleted Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ASUS SPLENDID ACMON
Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files (x86)\ASUS\WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|WebStorage
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4621 octets] - [22/02/2021 17:49:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivní kontrola - pomalý start NB

#4 Příspěvek od Diallix »

Poprosim o nove logy FRST9´+ ADDITION
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

nsocinka
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 22 bře 2006 16:05

Re: Preventivní kontrola - pomalý start NB

#5 Příspěvek od nsocinka »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2021
Ran by havla (administrator) on DESKTOP-DL0DBIR (ASUSTeK COMPUTER INC. X555LF) (22-02-2021 20:38:46)
Running from C:\Users\havla\Desktop
Loaded Profiles: havla
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dxgiadaptercache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PianoMarvel] => C:\Program Files (x86)\Piano Marvel Plugin\PianoMarvelPlugin.exe [239416 2019-01-10] (Piano Marvel LLC -> )
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [8042B1555E134D5A037857CEF4310F7C48E69942._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\Windows\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\Windows\system32\hpinkstsEE11LM.dll [383496 2015-08-31] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.151\Installer\chrmstp.exe [2021-02-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7842.105\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-02-11]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PianoMarvelPlugin.lnk [2020-10-16]
ShortcutTarget: PianoMarvelPlugin.lnk -> C:\Program Files (x86)\Piano Marvel Plugin\PianoMarvelPlugin.exe (Piano Marvel LLC -> )
Startup: C:\Users\havla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-23]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1F3D7311-0C80-4D64-BFB6-9E4F08BE7742} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5493472 2021-02-08] (Avast Software s.r.o. -> Avast Software)
Task: {32419618-F660-4767-A978-285082435DAF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {33447EBD-E01E-4CB1-ACCC-1D9B2422E97D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {49E1B089-C7C0-481D-8FBB-68668AE85F03} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5376FE1E-7EE1-45F1-84F8-B18D9E27F3E0} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {5D6625DA-E61C-432C-AFDC-27046525EF0A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {704B4D11-050F-459A-832E-1B7467B84668} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {81D429B3-C4FD-4089-AC20-669576F3242B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
Task: {830735F9-DD7D-422D-A5CD-00D38FE94406} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1191136 2021-02-10] (Avast Software s.r.o. -> AVAST Software)
Task: {8CE49175-16A7-409C-8D8E-BC05E2A077D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {910C86CD-7756-4A31-AF47-2BB665F10E2A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {9A05F3E6-4AFA-49D4-AE73-1F91E4EFFA6A} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [427880 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {9BE40E0C-C17E-4B5E-A41E-82F74696DADB} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
Task: {A5696603-DC39-4A2C-91A4-FD15FFD65737} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {AF7E7051-3CE0-41A5-B41C-4932AF0F5638} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe
Task: {CD13E723-E511-42B1-88F3-86D4764402CB} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4665568 2021-02-10] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 24756307-e8c4-4c72-b993-0a7d31abd242
Task: {D0C67E28-B92C-40E0-BF1F-3379210F554B} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D59E5ECA-F8E1-460D-BA89-9105A1924198} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DBA0B6DE-7A10-44A2-B386-5AC5D147D411} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
Task: {E4EFC893-ED4B-43F0-AC3F-14722253DDAA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2823124483-3532812185-2156521902-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [1303800 2020-11-25] (Mega Limited -> Mega Limited)
Task: {E68BE96A-1296-444F-A647-0E6CAD298EAB} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {E8B6CE44-568E-4CE8-B3E0-97B01569C5D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8E0A39F-FCA6-4E41-B396-EF96907AE596} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {EA347C87-E890-4F5D-8A79-4D5C43F8BAA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {F0ABBFF1-C061-4D5B-B42A-5210F93D6CA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {F3F4D75D-27FA-451C-9E4B-79D3C17396D3} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [461160 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {FC5EFFB2-6DEA-48BA-B0B8-0D84D92B7DF2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2192896 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {FF60218C-BEB1-404D-B36D-2251986D36A3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16165632 2015-07-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{380787c8-25cb-4722-8af4-92e975f3a3bb}: [DhcpNameServer] 192.168.40.1
Tcpip\..\Interfaces\{9b179266-9634-467c-8196-0a24d80476da}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\havla\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-19]

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-03] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default [2021-02-22]
CHR Extension: (Prezentace) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-25]
CHR Extension: (Dokumenty) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-25]
CHR Extension: (Disk Google) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-28]
CHR Extension: (YouTube) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25]
CHR Extension: (Tabulky) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Stahujte videa na Facebooku) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgknmjhmcbimcpdmmfeafjbdccaheaeg [2020-11-30]
CHR Extension: (FormApps Extension) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-06-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\havla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-03] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.151\elevation_service.exe [1456376 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-15] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [7936736 2021-02-10] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-10] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-10-09] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BrSerIb; C:\WINDOWS\System32\drivers\BrSerIb.sys [95344 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
S3 BrUsbSIb; C:\WINDOWS\System32\drivers\BrUsbSIb.sys [21872 2013-11-21] (Brother Industries, Ltd. -> Brother Industries Ltd.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 YMIDUSBW; C:\WINDOWS\system32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation -> Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 20:38 - 2021-02-22 20:41 - 000025614 _____ C:\Users\havla\Desktop\FRST.txt
2021-02-22 20:37 - 2021-02-22 20:37 - 002301440 _____ (Farbar) C:\Users\havla\Desktop\FRST64.exe
2021-02-22 20:29 - 2021-02-22 20:29 - 002301440 _____ (Farbar) C:\Users\havla\FRST64.exe
2021-02-22 17:49 - 2021-02-22 17:53 - 000000000 ____D C:\AdwCleaner
2021-02-22 17:48 - 2021-02-22 17:48 - 008463216 _____ (Malwarebytes) C:\Users\havla\Desktop\adwcleaner_8.1.exe
2021-02-19 15:36 - 2021-02-22 20:40 - 000000000 ____D C:\FRST
2021-02-15 15:51 - 2021-02-15 15:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-15 15:51 - 2021-02-15 15:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-15 15:51 - 2021-02-15 15:51 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-15 15:51 - 2021-02-15 15:51 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-15 15:49 - 2021-02-15 15:49 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 20:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-22 20:33 - 2018-05-23 06:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-22 20:33 - 2016-04-10 06:35 - 000000000 __SHD C:\Users\havla\IntelGraphicsProfiles
2021-02-22 20:32 - 2020-10-09 10:04 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-02-22 20:32 - 2020-10-09 10:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-22 20:32 - 2020-10-09 09:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-22 20:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-22 20:32 - 2018-05-23 06:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-22 20:31 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-22 20:29 - 2020-10-09 09:35 - 000000000 ____D C:\Users\havla
2021-02-22 20:23 - 2020-10-09 09:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-22 18:23 - 2020-10-09 10:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-22 18:07 - 2018-05-23 07:10 - 000000000 ____D C:\Users\havla\AppData\Local\Packages
2021-02-22 18:01 - 2015-12-02 11:49 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-22 17:53 - 2018-05-23 07:10 - 000000000 ____D C:\ProgramData\ASUS
2021-02-22 17:53 - 2015-08-15 06:29 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-02-22 17:49 - 2019-08-25 19:16 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-21 16:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-21 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-21 16:54 - 2020-09-24 19:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 11:13 - 2015-08-15 06:30 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-20 11:08 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-20 10:05 - 2020-11-10 07:26 - 000002298 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-20 10:05 - 2020-10-09 10:04 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-20 10:05 - 2020-10-09 10:04 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-19 15:28 - 2020-10-09 09:27 - 000345944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-19 14:49 - 2020-06-22 16:36 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 14:49 - 2018-05-27 22:55 - 000000000 ____D C:\Users\havla\AppData\Roaming\MPC-HC
2021-02-19 14:48 - 2018-07-07 16:40 - 000000000 ____D C:\Users\havla\AppData\Local\CrashDumps
2021-02-19 14:42 - 2020-11-10 07:26 - 000000000 ____D C:\Program Files\CCleaner
2021-02-19 14:40 - 2020-10-09 10:04 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-18 20:54 - 2018-05-25 21:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-18 20:54 - 2018-05-25 21:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-17 10:32 - 2018-08-24 17:54 - 000000000 ____D C:\Users\havla\AppData\Roaming\vlc
2021-02-17 10:30 - 2018-08-24 17:55 - 000000000 ____D C:\Users\havla\AppData\Roaming\dvdcss
2021-02-16 10:50 - 2020-10-09 09:47 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-16 10:50 - 2019-12-07 15:41 - 000719302 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-16 10:50 - 2019-12-07 15:41 - 000145428 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-16 10:40 - 2020-10-09 09:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-16 10:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-16 10:39 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-16 10:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-15 16:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-15 03:47 - 2018-05-23 07:10 - 000000000 ____D C:\Users\havla\AppData\Local\ConnectedDevicesPlatform
2021-02-12 10:04 - 2018-05-24 14:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 10:01 - 2018-05-24 14:48 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 11:56 - 2020-10-09 10:07 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-02-08 09:19 - 2020-10-09 10:04 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-08 09:19 - 2020-10-09 10:04 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2020-09-24 19:03 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-09-24 19:03 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2021-02-22 20:29 - 2021-02-22 20:29 - 002301440 _____ (Farbar) C:\Users\havla\FRST64.exe
2020-05-12 15:16 - 2020-05-12 15:16 - 024166400 _____ () C:\Program Files (x86)\GUT69C4.tmp
2020-11-11 09:12 - 2020-11-11 12:18 - 000000220 _____ () C:\Users\havla\AppData\Roaming\debug.log
2018-05-23 07:11 - 2020-12-08 16:55 - 000000165 _____ () C:\Users\havla\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2021
Ran by havla (22-02-2021 20:45:00)
Running from C:\Users\havla\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-10-09 09:05:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2823124483-3532812185-2156521902-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2823124483-3532812185-2156521902-503 - Limited - Disabled)
Guest (S-1-5-21-2823124483-3532812185-2156521902-501 - Limited - Disabled)
havla (S-1-5-21-2823124483-3532812185-2156521902-1001 - Administrator - Enabled) => C:\Users\havla
WDAGUtilityAccount (S-1-5-21-2823124483-3532812185-2156521902-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.105 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.1.8016.151 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.9.5357.1746 - Avast Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 18.500 (20180520_09) - Solitea Česká republika, a.s.)
FormApps Signing Extension (HKLM-x32\...\{35C42D1D-32DC-404F-8978-A30B0D64DD26}) (Version: 2.24.0.43 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
K-Lite Mega Codec Pack 13.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
Piano Marvel Plugin (HKLM-x32\...\{2E93AADF-7381-47B1-B3F4-DC2C26CFA5B9}) (Version: 10.21.0 - Piano Marvel LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.2 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-11] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.1129.0_x64__rz1tebttyb220 [2021-02-21] (Dolby Laboratories)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2018-05-25] (Flipboard)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{15B667E8-D3AA-42D0-A11E-A95AD95522DB} -> [MEGA] => D:\MEGA [2016-06-30 04:51]
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\havla\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\havla\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2020-11-25] (Mega Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-16 21:27 - 2020-10-16 21:27 - 013053440 _____ () [File not signed] C:\ProgramData\MEGAsync\avcodec-58.dll
2020-10-16 21:27 - 2020-10-16 21:27 - 002290176 _____ () [File not signed] C:\ProgramData\MEGAsync\avformat-58.dll
2020-10-16 21:27 - 2020-10-16 21:27 - 000521728 _____ () [File not signed] C:\ProgramData\MEGAsync\avutil-56.dll
2017-09-10 20:08 - 2020-10-16 21:27 - 000065024 _____ () [File not signed] C:\ProgramData\MEGAsync\cares.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 000145408 _____ () [File not signed] C:\ProgramData\MEGAsync\swresample-3.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 000570880 _____ () [File not signed] C:\ProgramData\MEGAsync\swscale-5.dll
2018-04-02 18:21 - 2020-10-16 21:28 - 000295936 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\ProgramData\MEGAsync\libcurl.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 002444288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\libcrypto-1_1.dll
2020-10-16 21:28 - 2020-10-16 21:28 - 000504320 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\ProgramData\MEGAsync\libssl-1_1.dll
2017-09-25 15:30 - 2020-10-16 21:27 - 005118072 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\ProgramData\MEGAsync\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-02] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2019-01-06 15:26 - 000000831 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\havla\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\71184540_129637555055676_4837883791080947712_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "PianoMarvelPlugin.lnk"
HKLM\...\StartupApproved\Run32: => "PianoMarvel"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "8042B1555E134D5A037857CEF4310F7C48E69942._service_run"
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DC0BAFB8-8E85-433E-8221-90B4B41F1981}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{896BD674-2EA6-45B6-83C8-2C1882454484}] => (Allow) LPort=5357
FirewallRules: [{82AC5D21-3BE4-4D6B-A5AA-D84C95C214AE}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [TCP Query User{968E6F15-EF99-475D-ADD9-8366EF14EC1E}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{53CB37DE-CE75-4429-91E8-974AD4FB0D9E}C:\users\havla\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\havla\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3F6A2789-753F-4068-9F6F-7C08266D1458}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{96C77B0D-D4E3-4C20-A205-22316575631C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{067582D1-66E1-43B4-8E80-3218FD01AE59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A7C0897-E54A-4EE1-A7BB-1F4455A0BEC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE05F14E-A4C8-4CF0-90B5-3C1F10B94AEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B62CD6B8-8BB3-40E1-BA4C-E0CB9FD049D0}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

09-02-2021 17:19:24 Naplánovaný kontrolní bod
12-02-2021 10:04:45 Instalační služba modulů systému Windows
15-02-2021 15:21:54 Instalační služba modulů systému Windows
22-02-2021 17:52:15 AdwCleaner_BeforeCleaning_22/02/2021_17:52:07

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2021 08:31:26 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/22/2021 09:49:26 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/22/2021 09:49:10 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/19/2021 03:32:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e28

Čas spuštění: 01d706cbda660517

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 065228f2-febb-4545-b5f0-48cabf810921

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: CortanaUI

Typ zablokování: Quiesce

Error: (02/17/2021 05:11:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (02/17/2021 05:11:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (02/15/2021 02:37:07 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/15/2021 02:34:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (02/22/2021 08:32:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/22/2021 08:32:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).

Error: (02/22/2021 08:31:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (02/22/2021 08:31:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (02/22/2021 05:57:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/22/2021 05:57:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).

Error: (02/22/2021 05:55:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DL0DBIR)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 05:53:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast SecureLine VPN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2021-02-22 20:37:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X555LF.504 08/04/2015
Motherboard: ASUSTeK COMPUTER INC. X555LF
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 41%
Total physical RAM: 8094.39 MB
Available physical RAM: 4745.5 MB
Total Virtual: 9374.39 MB
Available Virtual: 6244.21 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.77 GB) (Free:297.72 GB) NTFS
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:57.01 GB) NTFS

\\?\Volume{33a3c012-6d96-4827-82e6-0d90c88d6290}\ () (Fixed) (Total:0.57 GB) (Free:0.08 GB) NTFS
\\?\Volume{47efe859-77c0-44ba-b28f-6c83bac1dfd4}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C8F77A8E)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivní kontrola - pomalý start NB

#6 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {8CE49175-16A7-409C-8D8E-BC05E2A077D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {EA347C87-E890-4F5D-8A79-4D5C43F8BAA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {F0ABBFF1-C061-4D5B-B42A-5210F93D6CA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [X]
2021-02-22 20:33 - 2018-05-23 06:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-08 09:19 - 2020-10-09 10:04 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-08 09:19 - 2020-10-09 10:04 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "8042B1555E134D5A037857CEF4310F7C48E69942._service_run"
FirewallRules: [{896BD674-2EA6-45B6-83C8-2C1882454484}] => (Allow) LPort=5357

EmptyTemp:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

nsocinka
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 22 bře 2006 16:05

Re: Preventivní kontrola - pomalý start NB

#7 Příspěvek od nsocinka »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2021
Ran by havla (23-02-2021 17:58:50) Run:1
Running from C:\Users\havla\Desktop
Loaded Profiles: havla
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {8CE49175-16A7-409C-8D8E-BC05E2A077D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
Task: {EA347C87-E890-4F5D-8A79-4D5C43F8BAA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {F0ABBFF1-C061-4D5B-B42A-5210F93D6CA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-25] (Google Inc -> Google Inc.)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [X]
2021-02-22 20:33 - 2018-05-23 06:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-08 09:19 - 2020-10-09 10:04 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-08 09:19 - 2020-10-09 10:04 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2823124483-3532812185-2156521902-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\...\StartupApproved\Run: => "8042B1555E134D5A037857CEF4310F7C48E69942._service_run"
FirewallRules: [{896BD674-2EA6-45B6-83C8-2C1882454484}] => (Allow) LPort=5357

EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8CE49175-16A7-409C-8D8E-BC05E2A077D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CE49175-16A7-409C-8D8E-BC05E2A077D9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EA347C87-E890-4F5D-8A79-4D5C43F8BAA9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA347C87-E890-4F5D-8A79-4D5C43F8BAA9}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F0ABBFF1-C061-4D5B-B42A-5210F93D6CA0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0ABBFF1-C061-4D5B-B42A-5210F93D6CA0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\System\CurrentControlSet\Services\DevActSvc => removed successfully
DevActSvc => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\8042B1555E134D5A037857CEF4310F7C48E69942._service_run" => removed successfully
"HKU\S-1-5-21-2823124483-3532812185-2156521902-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\8042B1555E134D5A037857CEF4310F7C48E69942._service_run" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{896BD674-2EA6-45B6-83C8-2C1882454484}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10526720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13834888 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 7519702 B
Edge => 10752 B
Chrome => 441146804 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 9667 B
ProgramData => 9667 B
Public => 9667 B
systemprofile => 9667 B
systemprofile32 => 9667 B
LocalService => 49611 B
NetworkService => 49611 B
havla => 73063808 B

RecycleBin => 78398755 B
EmptyTemp: => 595.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:03:26 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivní kontrola - pomalý start NB

#8 Příspěvek od Diallix »

dobre. Ako je na tom pocitac?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

nsocinka
Návštěvník
Návštěvník
Příspěvky: 41
Registrován: 22 bře 2006 16:05

Re: Preventivní kontrola - pomalý start NB

#9 Příspěvek od nsocinka »

Celkově je svižnější, start se zkrátil z 5 minut na 3 :) Díky moc za pomoc!

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Preventivní kontrola - pomalý start NB

#10 Příspěvek od Diallix »

V pohode, nemate zaco :]]
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

Zamčeno