Zpomalené PC
Napsal: 05 lis 2020 20:37
Dobrý večer, prosím o kontrolu logu. NTB je zpomalený - disk hlasí 100% vytížení, RAM jsou na 85% , někdy procesor na 95 - 100%. Předem moc děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 0$-11-2020
Ran by Vymetalovi (administrator) on VYMETALOVI-PC (ASUSTeK COMPUTER INC. X550VB) (05-11-2020 20:22:26)
Running from C:\Users\Vymetalovi\Desktop
Loaded Profiles: Vymetalovi
Platform: Windows 10 Pro Version 2004 19041.572 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Atheros) [File not signed] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\108.4.453\QtWebEngineProcess.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Vymetalovi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(TeamViewer Germany GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7932928 2020-10-20] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3340990006-1524966782-2681538254-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952568 2020-10-29] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3340990006-1524966782-2681538254-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [31387320 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0375AA24-39A6-4F1B-A383-760E8FB72ACC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {05864DA6-79FF-4B5E-B58C-6222F739DE63} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {064BA1B8-F7F8-47C3-A5BF-CF3E3B9FDB9B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {08391E93-E198-4347-B707-207EF23C88A6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E08317B-34F8-44ED-85FC-226664F32865} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {169D2D80-A966-40E6-9877-0B6C3A6692ED} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1A56BB1F-82DB-4698-929E-F6C4AC5EFE8F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B4043BB-CDEE-4A25-BAAD-B4794923E605} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1EA7010A-DDF9-4D1D-AC0F-E43862651D8B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {218C5C38-414E-4FF5-983F-FF824F364C28} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {221A4413-1DA6-40C4-809E-D608F308133C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {24510B43-206B-41C2-B2BC-CD5745366B73} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {25D0BDF5-8C03-4D58-AC20-F6564911F160} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {30B5539B-6BD0-4A28-902C-47BCE82D4EE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35748E30-E06D-4B7A-931A-C0D95FB072D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-28] (Google Inc -> Google Inc.)
Task: {3F80EEDB-8FCF-4EBF-8B85-68D9106F7120} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {427353A0-5868-46D6-9016-B45D8C900AD5} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {44114689-02EE-47E2-A1D6-16646B132088} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44ACF6AA-04D6-4D5F-80E2-CC1C63B5E394} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {460E94B1-145A-4BDB-A845-8261F95F4C5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A7D3BB7-225F-479A-990A-613EDB3A334B} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {4DA2A742-4ABA-4E5E-85E3-B3569B188399} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {503E2610-01B5-492E-B65F-80D46539E7A2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5675CF3C-56F6-408A-8A0D-3A03EDC6CD3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {572749A2-22D8-493A-8EF7-8D4831455049} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {65920BEF-7CB3-4686-97E3-F7F4BB97C292} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {677CD750-5EC8-4E64-B767-1F21B96841B4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B1FAAB7-4DB2-4BA8-9BAB-05C084F3DED0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FA705DB-2AD4-466A-9FD0-4D6B36FF4B71} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {77FEE61E-BD6C-479C-B299-97D60167352C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F53A3FC-3CF7-4010-B82B-54B25997253D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89DFC6E8-13D8-4CA7-918A-1DFED5A48E79} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8B5E1FF6-0582-4E0D-B102-FA3970A27CC9} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {96532851-43B0-4815-8AF9-BD14AC25F8B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-28] (Google Inc -> Google Inc.)
Task: {9CFDB89C-F4CE-432C-9F6B-A1C2F2618F4A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1E593C0-AB7F-47F5-B06E-4EC163931D3C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A286A8DE-6A1B-4C07-95A3-5FD9B31EBBF2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {A78C68D6-9EDF-431B-9EE9-DDB2873ED4B2} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B330F88B-3372-4609-AC52-C1304C2893C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B93F683D-0706-4ED8-AB4F-7411C52501F4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D121F5AA-B3FF-4AF8-A903-5E18A2A32503} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0049586-97DA-4C4A-A029-61E48EA98408} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2B23E3E-BED0-4F30-821F-3855B72F377F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F2029936-FD52-4954-ACFE-D64FD8CD8D4C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F8827B69-665E-400F-9576-A79521D0FCBC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC6631B7-BC2C-4D36-B162-34CD6A2E1334} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0C2DAE79-7CD2-4202-9074-7223A6790C68}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D36BADB0-42D0-48E4-A68F-288AA34D967B}: [DhcpNameServer] 192.168.10.1
Edge:
======
Edge Profile: C:\Users\Vymetalovi\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-05]
FireFox:
========
FF DefaultProfile: kktwig9l.default
FF ProfilePath: C:\Users\Vymetalovi\AppData\Roaming\Mozilla\Firefox\Profiles\kktwig9l.default [2020-11-05]
FF Homepage: Mozilla\Firefox\Profiles\kktwig9l.default -> www.seznam.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\kktwig9l.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (No Name) - C:\Users\Vymetalovi\AppData\Roaming\Mozilla\Firefox\Profiles\kktwig9l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default [2020-11-05]
CHR DownloadDir: C:\Users\Vymetalovi\Desktop
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-28]
CHR Extension: (Tabulky) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-14]
CHR HKU\S-1-5-21-3340990006-1524966782-2681538254-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-10-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5102504 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11481104 2020-07-13] (TeamViewer Germany GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 EtronHub3; C:\WINDOWS\System32\Drivers\EtronHub3.sys [65408 2014-02-12] (Etron Technology Inc) [File not signed]
S3 EtronSTOR; C:\WINDOWS\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Etron Technology Inc) [File not signed]
S3 EtronXHCI; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [94208 2014-02-12] (Etron Technology Inc) [File not signed]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 ocznvme; C:\WINDOWS\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 ocztrimfilter; C:\WINDOWS\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 tilfilter; C:\WINDOWS\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\WINDOWS\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhcdrv; C:\WINDOWS\system32\drivers\xhcdrv.sys [294912 2015-08-20] (VIA Technologies, Inc.) [File not signed]
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 0$-11-2020
Ran by Vymetalovi (administrator) on VYMETALOVI-PC (ASUSTeK COMPUTER INC. X550VB) (05-11-2020 20:22:26)
Running from C:\Users\Vymetalovi\Desktop
Loaded Profiles: Vymetalovi
Platform: Windows 10 Pro Version 2004 19041.572 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Atheros) [File not signed] C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\108.4.453\QtWebEngineProcess.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Vymetalovi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(TeamViewer Germany GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7932928 2020-10-20] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3340990006-1524966782-2681538254-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952568 2020-10-29] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3340990006-1524966782-2681538254-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [31387320 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.183\Installer\chrmstp.exe [2020-11-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0375AA24-39A6-4F1B-A383-760E8FB72ACC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {05864DA6-79FF-4B5E-B58C-6222F739DE63} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {064BA1B8-F7F8-47C3-A5BF-CF3E3B9FDB9B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {08391E93-E198-4347-B707-207EF23C88A6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E08317B-34F8-44ED-85FC-226664F32865} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {169D2D80-A966-40E6-9877-0B6C3A6692ED} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1A56BB1F-82DB-4698-929E-F6C4AC5EFE8F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B4043BB-CDEE-4A25-BAAD-B4794923E605} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1EA7010A-DDF9-4D1D-AC0F-E43862651D8B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {218C5C38-414E-4FF5-983F-FF824F364C28} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {221A4413-1DA6-40C4-809E-D608F308133C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {24510B43-206B-41C2-B2BC-CD5745366B73} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {25D0BDF5-8C03-4D58-AC20-F6564911F160} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {30B5539B-6BD0-4A28-902C-47BCE82D4EE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35748E30-E06D-4B7A-931A-C0D95FB072D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-28] (Google Inc -> Google Inc.)
Task: {3F80EEDB-8FCF-4EBF-8B85-68D9106F7120} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {427353A0-5868-46D6-9016-B45D8C900AD5} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {44114689-02EE-47E2-A1D6-16646B132088} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44ACF6AA-04D6-4D5F-80E2-CC1C63B5E394} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {460E94B1-145A-4BDB-A845-8261F95F4C5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A7D3BB7-225F-479A-990A-613EDB3A334B} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {4DA2A742-4ABA-4E5E-85E3-B3569B188399} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {503E2610-01B5-492E-B65F-80D46539E7A2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5675CF3C-56F6-408A-8A0D-3A03EDC6CD3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {572749A2-22D8-493A-8EF7-8D4831455049} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {65920BEF-7CB3-4686-97E3-F7F4BB97C292} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {677CD750-5EC8-4E64-B767-1F21B96841B4} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B1FAAB7-4DB2-4BA8-9BAB-05C084F3DED0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6FA705DB-2AD4-466A-9FD0-4D6B36FF4B71} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {77FEE61E-BD6C-479C-B299-97D60167352C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F53A3FC-3CF7-4010-B82B-54B25997253D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89DFC6E8-13D8-4CA7-918A-1DFED5A48E79} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8B5E1FF6-0582-4E0D-B102-FA3970A27CC9} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {96532851-43B0-4815-8AF9-BD14AC25F8B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-28] (Google Inc -> Google Inc.)
Task: {9CFDB89C-F4CE-432C-9F6B-A1C2F2618F4A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1E593C0-AB7F-47F5-B06E-4EC163931D3C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A286A8DE-6A1B-4C07-95A3-5FD9B31EBBF2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {A78C68D6-9EDF-431B-9EE9-DDB2873ED4B2} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B330F88B-3372-4609-AC52-C1304C2893C3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26069176 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B93F683D-0706-4ED8-AB4F-7411C52501F4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-10-23] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D121F5AA-B3FF-4AF8-A903-5E18A2A32503} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0049586-97DA-4C4A-A029-61E48EA98408} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E2B23E3E-BED0-4F30-821F-3855B72F377F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F2029936-FD52-4954-ACFE-D64FD8CD8D4C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F8827B69-665E-400F-9576-A79521D0FCBC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FC6631B7-BC2C-4D36-B162-34CD6A2E1334} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0C2DAE79-7CD2-4202-9074-7223A6790C68}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D36BADB0-42D0-48E4-A68F-288AA34D967B}: [DhcpNameServer] 192.168.10.1
Edge:
======
Edge Profile: C:\Users\Vymetalovi\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-05]
FireFox:
========
FF DefaultProfile: kktwig9l.default
FF ProfilePath: C:\Users\Vymetalovi\AppData\Roaming\Mozilla\Firefox\Profiles\kktwig9l.default [2020-11-05]
FF Homepage: Mozilla\Firefox\Profiles\kktwig9l.default -> www.seznam.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\kktwig9l.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (No Name) - C:\Users\Vymetalovi\AppData\Roaming\Mozilla\Firefox\Profiles\kktwig9l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default [2020-11-05]
CHR DownloadDir: C:\Users\Vymetalovi\Desktop
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-28]
CHR Extension: (Adobe Acrobat) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-28]
CHR Extension: (Tabulky) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Vymetalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-14]
CHR HKU\S-1-5-21-3340990006-1524966782-2681538254-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-10-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5102504 2020-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11481104 2020-07-13] (TeamViewer Germany GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 EtronHub3; C:\WINDOWS\System32\Drivers\EtronHub3.sys [65408 2014-02-12] (Etron Technology Inc) [File not signed]
S3 EtronSTOR; C:\WINDOWS\System32\Drivers\EtronSTOR.sys [39296 2014-02-12] (Etron Technology Inc) [File not signed]
S3 EtronXHCI; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [94208 2014-02-12] (Etron Technology Inc) [File not signed]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 ocznvme; C:\WINDOWS\system32\drivers\ocznvme.sys [99592 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 ocztrimfilter; C:\WINDOWS\System32\drivers\ocztrimfilter.sys [29064 2016-06-10] (Toshiba America Electronic Components, Inc. -> TOSHIBA CORPORATION)
S3 tilfilter; C:\WINDOWS\system32\drivers\TIxHCIlfilter.sys [17672 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 tiufilter; C:\WINDOWS\system32\drivers\TIxHCIufilter.sys [23304 2015-02-11] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 xhcdrv; C:\WINDOWS\system32\drivers\xhcdrv.sys [294912 2015-08-20] (VIA Technologies, Inc.) [File not signed]
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)