VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

100%ní využití disku

https://forum.viry.cz:443/viewtopic.php?t=157706

Stránka 1 z 1

100%ní využití disku

Napsal: 23 pro 2020 23:57
od vidlpa00
Zdravím,
mámim počítač stále ukazuje 100% využití disku a jakákoliv činnost je na něm prakticky nemožná.
Moc Vás prosím o kontrolu logů a jakoukoliv radu. Vložit je sem byl boj na hodinu a půl.
Díky moc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Kitt (administrator) on LAPTOP-7JHK6UOM (HP HP 250 G5 Notebook PC) (23-12-2020 23:29:09)
Running from C:\Users\Kitt\Downloads
Loaded Profiles: Kitt
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <4>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109664 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-09]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013771D7-2ACB-43B3-A61E-91A2510D1FAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {025A68C7-534A-484E-B566-7AAA62D2E5E5} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {0EB634DA-4834-4144-9880-F12F8B4830EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {1635A7D4-1139-482B-8C3A-403D0BDB3E67} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A92DAA5-559A-4D07-B3A3-0DFB447D313C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {346721C1-CCEA-4231-B0D8-41B6F16896B4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1153944 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {44E4D785-27F2-485D-837B-EAD206D2D743} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4CA908D9-BC7F-484F-B101-9D7624E9082A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {4EBA314C-1233-465E-B256-7E4EA660DB22} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {5114433F-C0D4-4DAF-AA81-A615C7765464} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {58894E56-83FF-4161-A52D-378A786A4EC4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {6BC08766-97D6-4057-9D6C-321B0D5D0253} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79FA65DA-DD6D-4C03-85BD-D11AECFD0721} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {84EDF342-7B38-43D8-8163-CEA9053B39C3} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {91439852-DD97-47DA-82D5-A8E7D05E3CE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-18] (HP Inc. -> )
Task: {9444E441-AD5F-4C83-8593-C402F489A6E1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A61DF163-AEF7-483F-AF47-C0B8B782FFBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {A8EFD166-378A-40E0-829E-AF8C74C1B3B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B1DC68F8-983F-4D25-B32D-363BC5FCBC41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B43F5112-42EE-4954-92A8-053373B9544A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {BB72EDF6-9E57-4156-BF5D-2C9935567A56} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {C1646E6C-A9C9-4BA6-AB35-12B44FC3C690} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDFF5FC7-B8C5-454F-B4A3-1D191E8AD2EC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4496488 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {D48CDAC5-2681-4767-876B-A8ACDB3DE146} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {DDB1FE7D-F7BA-40BD-AD37-024C53E75035} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [5046784 2017-10-24] () [File not signed]
Task: {FB6F9F10-9F28-41CF-9D4C-5CBC6B26653A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {FFC8EEBD-A9DA-4AA7-BA3D-2F389BB491BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13e81151-3356-4606-8915-2c068b46e131}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{18dca581-a022-427f-beb8-658de83dcd17}: [DhcpNameServer] 192.168.1.1

Edge:
======
DownloadDir: C:\Users\Kitt\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kitt\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-23]
Edge DownloadDir: C:\Users\Kitt\Downloads
Edge StartupUrls: Default -> "hxxp://seznam.cz/"

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default [2020-12-23]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-23]
CHR Extension: (YouTube) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-20]
CHR Extension: (Gmail) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-20]
CHR Extension: (Chrome Media Router) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8450976 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360408 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2748520 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8945512 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [236112 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195664 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60496 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175720 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [518680 2020-11-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [470912 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326928 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-24] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-23 23:29 - 2020-12-23 23:39 - 000020790 _____ C:\Users\Kitt\Downloads\FRST.txt
2020-12-23 23:16 - 2020-12-23 23:38 - 000000000 ____D C:\FRST
2020-12-23 23:14 - 2020-12-23 23:15 - 002286592 _____ (Farbar) C:\Users\Kitt\Downloads\FRST64.exe
2020-12-23 16:26 - 2020-12-23 16:26 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-23 16:26 - 2020-12-23 16:26 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-23 16:26 - 2020-12-23 16:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-23 16:26 - 2020-12-23 16:26 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-23 16:26 - 2020-12-23 16:26 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-23 16:26 - 2020-12-23 16:26 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-23 16:26 - 2020-12-23 16:26 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-23 16:25 - 2020-12-23 16:25 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-23 16:25 - 2020-12-23 16:25 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-23 12:02 - 2020-12-23 12:02 - 030536752 _____ (Piriform Software Ltd) C:\Users\Kitt\Downloads\ccsetup575.exe
2020-12-20 18:12 - 2020-12-20 18:12 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-20 18:10 - 2020-12-20 18:10 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-20 18:10 - 2020-12-20 18:10 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-20 18:09 - 2020-12-20 18:09 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ C:\Users\Kitt\AppData\Local\{6A5CF22B-2678-4757-84A1-B92FF4789965}
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ C:\Users\Kitt\AppData\Local\{63E2CB70-F3BA-49ED-9625-578FBF462CCE}
2020-12-19 22:43 - 2020-12-23 23:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-23 23:38 - 2017-06-04 11:04 - 000000000 ____D C:\Program Files\CCleaner
2020-12-23 23:37 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-23 23:09 - 2017-06-01 15:41 - 000000000 __SHD C:\Users\Kitt\IntelGraphicsProfiles
2020-12-23 23:08 - 2020-02-24 09:32 - 000000000 ____D C:\Users\Kitt
2020-12-23 23:00 - 2020-02-24 11:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-23 23:00 - 2020-02-24 09:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-23 22:34 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-23 22:15 - 2017-06-03 11:04 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-23 21:37 - 2019-03-19 05:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-23 21:25 - 2017-06-04 11:25 - 000007612 _____ C:\Users\Kitt\AppData\Local\Resmon.ResmonCfg
2020-12-23 20:04 - 2020-02-24 11:57 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-23 19:44 - 2020-02-24 09:28 - 001885320 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-23 19:44 - 2019-03-19 12:55 - 000782598 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-23 19:44 - 2019-03-19 12:55 - 000178434 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-23 19:09 - 2016-08-23 20:10 - 000000000 ____D C:\SWSETUP
2020-12-23 18:05 - 2020-02-24 11:57 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-23 18:05 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-23 18:04 - 2017-10-24 19:14 - 000000000 ___RD C:\Users\Kitt\3D Objects
2020-12-23 18:02 - 2020-02-24 09:16 - 000535224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-23 16:35 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-23 12:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-23 12:06 - 2018-07-30 16:50 - 000000000 ____D C:\Users\Kitt\AppData\Local\CrashDumps
2020-12-23 12:03 - 2017-06-04 11:04 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-22 10:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-20 19:12 - 2020-06-07 22:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-20 19:12 - 2020-06-07 22:50 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-20 19:12 - 2017-07-24 18:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-20 19:12 - 2017-07-24 18:57 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-20 19:08 - 2020-02-24 09:32 - 000000000 ____D C:\Users\defaultuser0
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-20 18:09 - 2020-02-24 09:23 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-12-20 13:09 - 2017-06-03 12:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-20 12:58 - 2017-06-03 12:14 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-12-19 22:51 - 2017-06-21 14:31 - 000000000 ____D C:\Users\Kitt\AppData\Local\Seznam.cz
2020-12-19 22:49 - 2020-10-21 13:08 - 000000000 ____D C:\Users\Kitt\AppData\Roaming\Seznam Browser
2020-12-19 16:25 - 2020-09-30 15:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-12-16 19:15 - 2020-02-24 11:57 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2883006920-4016149694-2905114558-1001
2020-12-16 19:15 - 2020-02-24 09:32 - 000002369 _____ C:\Users\Kitt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 19:15 - 2017-06-01 15:46 - 000000000 ___RD C:\Users\Kitt\OneDrive
2020-12-10 14:17 - 2020-02-24 11:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2020-12-03 22:04 - 2020-02-24 11:57 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-03 22:04 - 2020-02-24 11:57 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-28 12:52 - 2020-06-07 22:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-28 12:52 - 2020-06-07 22:49 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-23 17:20 - 2020-04-22 07:10 - 000518680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys

==================== Files in the root of some directories ========

2019-01-03 07:58 - 2019-01-03 07:58 - 007895040 _____ () C:\Program Files (x86)\GUT9067.tmp
2017-06-04 11:25 - 2020-12-23 21:25 - 000007612 _____ () C:\Users\Kitt\AppData\Local\Resmon.ResmonCfg
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ () C:\Users\Kitt\AppData\Local\{63E2CB70-F3BA-49ED-9625-578FBF462CCE}
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ () C:\Users\Kitt\AppData\Local\{6A5CF22B-2678-4757-84A1-B92FF4789965}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Kitt (23-12-2020 23:43:31)
Running from C:\Users\Kitt\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-02-24 11:00:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2883006920-4016149694-2905114558-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2883006920-4016149694-2905114558-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2883006920-4016149694-2905114558-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2883006920-4016149694-2905114558-501 - Limited - Disabled)
Kitt (S-1-5-21-2883006920-4016149694-2905114558-1001 - Administrator - Enabled) => C:\Users\Kitt
WDAGUtilityAccount (S-1-5-21-2883006920-4016149694-2905114558-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.8.1052 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13231.20390 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\Seznam Browser) (Version: 6.9.0 - Seznam.cz a.s.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2017.1206.2820.0_x64__343d40qqvtj1t [2017-12-22] (Amazon.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.114.500.0_x86__kgqvnymyfvs32 [2018-05-15] (king.com)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_140.1268.45465.0_x86__8xx8rvfyw5nnt [2017-12-13] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-06-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_85.1.379.0_x64__v10z8vjag6ke6 [2018-05-08] (HP Inc.)
Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2017-11-20] (Lexmark International, Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m [2018-04-25] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2020-02-24] (Microsoft Studios) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.24.11382.0_x64__8wekyb3d8bbwe [2018-05-20] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation) [MS Ad]
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_3.9.2.0_x86__g0q0z3kw54rap [2018-05-18] (flaregames GmbH)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c [2020-02-24] (Skype)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.0.9.0_neutral__wgeqdkkx372wm [2018-05-02] (Twitter Inc.)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.0.13313.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2883006920-4016149694-2905114558-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square

==================== Loaded Modules (Whitelisted) =============

2016-10-24 08:09 - 2016-10-24 08:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2016-10-24 08:09 - 2016-10-24 08:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {BD1B6A23-92F8-4CBF-B0BB-C08FCAA1E6E8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {BD1B6A23-92F8-4CBF-B0BB-C08FCAA1E6E8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2883006920-4016149694-2905114558-1001 -> {BD1B6A23-92F8-4CBF-B0BB-C08FCAA1E6E8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-02-26 18:56 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-10-20 18:18 - 2017-10-24 23:38 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kitt\Pictures\fotky Turecko\IMG_0764.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
MpsSvc => Firewall Service is not running.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A24B25E6-365C-4B61-858E-5340EB7665FD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{C0DF2136-713F-466C-9D16-3838F9C16A04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{ED5B05E5-15B9-4D37-BB37-81B7FBBA7EA4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8568772B-0E20-4B54-A62F-A31F0D5F9A96}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{49426F4D-271B-473A-BD2F-5ECD3C00F0B5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A94422C3-51D8-49BB-9B9F-6CDD4DA37A7E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{7B5B6E1D-2B7B-4F0B-AB21-BC2124B4B280}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BC12B560-D8E3-4F9B-858B-46D8CF920242}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2745E0E4-D31F-4677-B52B-573AAC210B1A}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{64046F8F-EF88-4FE4-B7CF-8555AA5B5017}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{80F2A173-6627-4687-B3E3-1FE2845F79CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-12-2020 17:07:58 Naplánovaný kontrolní bod
09-12-2020 12:19:26 Naplánovaný kontrolní bod
19-12-2020 16:22:18 Instalační služba modulů systému Windows
20-12-2020 17:05:03 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/23/2020 11:37:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5688,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/23/2020 11:25:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.18362.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: b2c

Čas spuštění: 01d6d976ff2e6bf8

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 90953b5e-48a2-4215-afbf-24c53bf7db03

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/23/2020 11:14:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2244,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/23/2020 11:05:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2404,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/23/2020 10:33:10 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (6384,G,0) Pokus o otevření souboru C:\Users\Kitt\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (12/23/2020 10:30:19 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (6384,G,0) Pokus o otevření souboru C:\Users\Kitt\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (12/23/2020 10:27:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1292,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/23/2020 10:21:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3428,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (12/23/2020 11:23:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Zasílání zpráv o chybách systému Windows bylo dosaženo časového limitu (30000 ms).

Error: (12/23/2020 11:08:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba HP Comm Recovery přestala během spouštění reagovat.

Error: (12/23/2020 11:06:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Firewall v programu Windows Defender závisí na službě Služba BFE (Base Filtering Engine), která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.

Error: (12/23/2020 11:02:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba BFE (Base Filtering Engine) přestala během spouštění reagovat.

Error: (12/23/2020 11:02:55 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba BFE (Base Filtering Engine) přestala během spouštění reagovat.

Error: (12/23/2020 10:59:45 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT AUTHORITY)
Description: Byl spuštěn systémový časovač sledovacího zařízení.

Error: (12/23/2020 11:00:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:51:28, ‎23.‎12.‎2020) bylo neočekávané.

Error: (12/23/2020 10:45:10 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby HPWMISVC bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================

Date: 2020-12-23 23:29:09.815
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-23 23:26:03.231
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-23 23:24:44.859
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-23 23:24:44.836
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-23 23:24:44.835
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-23 23:24:44.660
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-23 23:24:28.532
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-23 23:24:28.020
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.44 08/07/2018
Motherboard: HP 81EF
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 83%
Total physical RAM: 4008.07 MB
Available physical RAM: 671.17 MB
Total Virtual: 4712.07 MB
Available Virtual: 874.01 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:915.71 GB) (Free:853.63 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.83 GB) (Free:1.65 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c9746a4c-0b59-4e34-a46f-7901aee4ce66}\ () (Fixed) (Total:1.7 GB) (Free:1.14 GB) NTFS
\\?\Volume{a6e1cf0c-566a-4ae8-8420-c69e49714d43}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8E61EA2B)

Partition: GPT.

==================== End of Addition.txt =======================

Re: 100%ní využití disku

Napsal: 24 pro 2020 11:22
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: 100%ní využití disku

Napsal: 24 pro 2020 17:11
od vidlpa00
Posílám log. Problém bohužel přetrvává.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-12-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-24-2020
# Duration: 00:00:20
# OS: Windows 10 Home
# Cleaned: 19
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Kitt\AppData\Local\Seznam.cz

***** [ Files ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Reimage
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6801 octets] - [24/12/2020 17:03:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: 100%ní využití disku

Napsal: 24 pro 2020 17:29
od Rudy
Dejte nové logy FRST+Addition.

Re: 100%ní využití disku

Napsal: 24 pro 2020 19:17
od vidlpa00
Logy přikládám zde:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Kitt (administrator) on LAPTOP-7JHK6UOM (HP HP 250 G5 Notebook PC) (24-12-2020 17:40:10)
Running from C:\Users\Kitt\Downloads
Loaded Profiles: Kitt
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109664 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-09]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013771D7-2ACB-43B3-A61E-91A2510D1FAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {025A68C7-534A-484E-B566-7AAA62D2E5E5} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {0EB634DA-4834-4144-9880-F12F8B4830EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {1635A7D4-1139-482B-8C3A-403D0BDB3E67} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A92DAA5-559A-4D07-B3A3-0DFB447D313C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {346721C1-CCEA-4231-B0D8-41B6F16896B4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1153944 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {44E4D785-27F2-485D-837B-EAD206D2D743} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4CA908D9-BC7F-484F-B101-9D7624E9082A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {4EBA314C-1233-465E-B256-7E4EA660DB22} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {5114433F-C0D4-4DAF-AA81-A615C7765464} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {58894E56-83FF-4161-A52D-378A786A4EC4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {6BC08766-97D6-4057-9D6C-321B0D5D0253} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79FA65DA-DD6D-4C03-85BD-D11AECFD0721} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {84EDF342-7B38-43D8-8163-CEA9053B39C3} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {91439852-DD97-47DA-82D5-A8E7D05E3CE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-18] (HP Inc. -> )
Task: {9444E441-AD5F-4C83-8593-C402F489A6E1} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A61DF163-AEF7-483F-AF47-C0B8B782FFBD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {A8EFD166-378A-40E0-829E-AF8C74C1B3B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B1DC68F8-983F-4D25-B32D-363BC5FCBC41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B43F5112-42EE-4954-92A8-053373B9544A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {BB72EDF6-9E57-4156-BF5D-2C9935567A56} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {C1646E6C-A9C9-4BA6-AB35-12B44FC3C690} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDFF5FC7-B8C5-454F-B4A3-1D191E8AD2EC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4496488 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {D48CDAC5-2681-4767-876B-A8ACDB3DE146} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {DDB1FE7D-F7BA-40BD-AD37-024C53E75035} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [5046784 2017-10-24] () [File not signed]
Task: {FB6F9F10-9F28-41CF-9D4C-5CBC6B26653A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {FFC8EEBD-A9DA-4AA7-BA3D-2F389BB491BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{13e81151-3356-4606-8915-2c068b46e131}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{18dca581-a022-427f-beb8-658de83dcd17}: [DhcpNameServer] 192.168.1.1

Edge:
======
DownloadDir: C:\Users\Kitt\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kitt\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-24]
Edge DownloadDir: C:\Users\Kitt\Downloads
Edge Notifications: Default -> hxxps://tn.nova.cz
Edge StartupUrls: Default -> "hxxp://seznam.cz/"

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default [2020-12-24]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-23]
CHR Extension: (YouTube) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-24]
CHR Extension: (Gmail) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-24]
CHR Extension: (Chrome Media Router) - C:\Users\Kitt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8450976 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360408 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2748520 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8945512 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-06-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-23] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [236112 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195664 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60496 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175720 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [518680 2020-11-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [470912 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326928 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-24] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-24 17:40 - 2020-12-24 17:48 - 000020228 _____ C:\Users\Kitt\Downloads\FRST.txt
2020-12-24 17:39 - 2020-12-24 17:39 - 002286592 _____ (Farbar) C:\Users\Kitt\Downloads\FRST64 (1).exe
2020-12-24 17:02 - 2020-12-24 17:04 - 000000000 ____D C:\AdwCleaner
2020-12-24 11:41 - 2020-12-24 11:42 - 008447152 _____ (Malwarebytes) C:\Users\Kitt\Downloads\adwcleaner_8.0.8.exe
2020-12-23 23:16 - 2020-12-24 17:47 - 000000000 ____D C:\FRST
2020-12-23 23:14 - 2020-12-23 23:15 - 002286592 _____ (Farbar) C:\Users\Kitt\Downloads\FRST64.exe
2020-12-23 16:26 - 2020-12-23 16:26 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-23 16:26 - 2020-12-23 16:26 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-23 16:26 - 2020-12-23 16:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-23 16:26 - 2020-12-23 16:26 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-23 16:26 - 2020-12-23 16:26 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-23 16:26 - 2020-12-23 16:26 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-23 16:26 - 2020-12-23 16:26 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-23 16:26 - 2020-12-23 16:26 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-23 16:25 - 2020-12-23 16:25 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-23 16:25 - 2020-12-23 16:25 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-23 12:02 - 2020-12-23 12:02 - 030536752 _____ (Piriform Software Ltd) C:\Users\Kitt\Downloads\ccsetup575.exe
2020-12-20 18:12 - 2020-12-20 18:12 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-20 18:10 - 2020-12-20 18:10 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-20 18:10 - 2020-12-20 18:10 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-20 18:09 - 2020-12-20 18:09 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ C:\Users\Kitt\AppData\Local\{6A5CF22B-2678-4757-84A1-B92FF4789965}
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ C:\Users\Kitt\AppData\Local\{63E2CB70-F3BA-49ED-9625-578FBF462CCE}
2020-12-19 22:43 - 2020-12-24 17:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-24 17:47 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-24 17:39 - 2017-06-03 11:04 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-24 17:11 - 2017-06-04 11:04 - 000000000 ____D C:\Program Files\CCleaner
2020-12-24 17:07 - 2017-06-01 15:41 - 000000000 __SHD C:\Users\Kitt\IntelGraphicsProfiles
2020-12-24 17:06 - 2020-02-24 11:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-24 17:05 - 2019-03-19 05:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-24 16:58 - 2020-02-24 11:57 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-24 16:57 - 2020-02-24 09:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-24 11:42 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-24 00:11 - 2020-02-24 09:32 - 000000000 ____D C:\Users\Kitt
2020-12-23 21:25 - 2017-06-04 11:25 - 000007612 _____ C:\Users\Kitt\AppData\Local\Resmon.ResmonCfg
2020-12-23 19:44 - 2020-02-24 09:28 - 001885320 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-23 19:44 - 2019-03-19 12:55 - 000782598 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-23 19:44 - 2019-03-19 12:55 - 000178434 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-23 19:09 - 2016-08-23 20:10 - 000000000 ____D C:\SWSETUP
2020-12-23 18:05 - 2020-02-24 11:57 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-23 18:05 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-23 18:04 - 2017-10-24 19:14 - 000000000 ___RD C:\Users\Kitt\3D Objects
2020-12-23 18:02 - 2020-02-24 09:16 - 000535224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-23 17:58 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-23 16:35 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-23 12:06 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-23 12:06 - 2018-07-30 16:50 - 000000000 ____D C:\Users\Kitt\AppData\Local\CrashDumps
2020-12-23 12:03 - 2017-06-04 11:04 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-12-22 10:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-20 19:12 - 2020-06-07 22:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-20 19:12 - 2020-06-07 22:50 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-20 19:12 - 2017-07-24 18:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-20 19:12 - 2017-07-24 18:57 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-20 19:08 - 2020-02-24 09:32 - 000000000 ____D C:\Users\defaultuser0
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-20 19:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-20 18:09 - 2020-02-24 09:23 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-12-20 13:09 - 2017-06-03 12:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-20 12:58 - 2017-06-03 12:14 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-12-19 22:49 - 2020-10-21 13:08 - 000000000 ____D C:\Users\Kitt\AppData\Roaming\Seznam Browser
2020-12-19 16:25 - 2020-09-30 15:01 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2020-12-16 19:15 - 2020-02-24 11:57 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2883006920-4016149694-2905114558-1001
2020-12-16 19:15 - 2020-02-24 09:32 - 000002369 _____ C:\Users\Kitt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 19:15 - 2017-06-01 15:46 - 000000000 ___RD C:\Users\Kitt\OneDrive
2020-12-10 14:17 - 2020-02-24 11:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2020-12-03 22:04 - 2020-02-24 11:57 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-03 22:04 - 2020-02-24 11:57 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-28 12:52 - 2020-06-07 22:49 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-28 12:52 - 2020-06-07 22:49 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-01-03 07:58 - 2019-01-03 07:58 - 007895040 _____ () C:\Program Files (x86)\GUT9067.tmp
2017-06-04 11:25 - 2020-12-23 21:25 - 000007612 _____ () C:\Users\Kitt\AppData\Local\Resmon.ResmonCfg
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ () C:\Users\Kitt\AppData\Local\{63E2CB70-F3BA-49ED-9625-578FBF462CCE}
2020-12-19 22:52 - 2020-12-19 22:52 - 000000000 _____ () C:\Users\Kitt\AppData\Local\{6A5CF22B-2678-4757-84A1-B92FF4789965}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Kitt (24-12-2020 18:50:30)
Running from C:\Users\Kitt\Downloads
Windows 10 Home Version 1909 18363.1256 (X64) (2020-02-24 11:00:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2883006920-4016149694-2905114558-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2883006920-4016149694-2905114558-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2883006920-4016149694-2905114558-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2883006920-4016149694-2905114558-501 - Limited - Disabled)
Kitt (S-1-5-21-2883006920-4016149694-2905114558-1001 - Administrator - Enabled) => C:\Users\Kitt
WDAGUtilityAccount (S-1-5-21-2883006920-4016149694-2905114558-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.8.2432 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.8.1052 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13231.20390 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.6 - Power Software Ltd)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\Seznam Browser) (Version: 6.9.0 - Seznam.cz a.s.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2017.1206.2820.0_x64__343d40qqvtj1t [2017-12-22] (Amazon.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.114.500.0_x86__kgqvnymyfvs32 [2018-05-15] (king.com)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_140.1268.45465.0_x86__8xx8rvfyw5nnt [2017-12-13] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-06-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_85.1.379.0_x64__v10z8vjag6ke6 [2018-05-08] (HP Inc.)
Lexmark Printer Home -> C:\Program Files\WindowsApps\58539F3C.LexmarkPrinterHome_3.0.73.0_neutral__xyj5e99tmxdva [2017-11-20] (Lexmark International, Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_3.2.0.9_x86__h6adky7gbf63m [2018-04-25] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2020-02-24] (Microsoft Studios) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.24.11382.0_x64__8wekyb3d8bbwe [2018-05-20] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation) [MS Ad]
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_3.9.2.0_x86__g0q0z3kw54rap [2018-05-18] (flaregames GmbH)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.152.0_x64__kzf8qxf38zg5c [2020-02-24] (Skype)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.0.9.0_neutral__wgeqdkkx372wm [2018-05-02] (Twitter Inc.)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_0.0.13313.0_x64__8wekyb3d8bbwe [2020-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2883006920-4016149694-2905114558-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-06-03 12:31 - 2017-06-03 12:32 - 012485120 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6\HPJumpStart.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {BD1B6A23-92F8-4CBF-B0BB-C08FCAA1E6E8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {BD1B6A23-92F8-4CBF-B0BB-C08FCAA1E6E8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2883006920-4016149694-2905114558-1001 -> {BD1B6A23-92F8-4CBF-B0BB-C08FCAA1E6E8} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-24] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-02-26 18:56 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-10-20 18:18 - 2017-10-24 23:38 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kitt\Pictures\fotky Turecko\IMG_0764.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP JumpStart Launch.lnk"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A24B25E6-365C-4B61-858E-5340EB7665FD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{C0DF2136-713F-466C-9D16-3838F9C16A04}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{ED5B05E5-15B9-4D37-BB37-81B7FBBA7EA4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8568772B-0E20-4B54-A62F-A31F0D5F9A96}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{49426F4D-271B-473A-BD2F-5ECD3C00F0B5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A94422C3-51D8-49BB-9B9F-6CDD4DA37A7E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{7B5B6E1D-2B7B-4F0B-AB21-BC2124B4B280}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BC12B560-D8E3-4F9B-858B-46D8CF920242}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2745E0E4-D31F-4677-B52B-573AAC210B1A}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{64046F8F-EF88-4FE4-B7CF-8555AA5B5017}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{80F2A173-6627-4687-B3E3-1FE2845F79CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-12-2020 17:07:58 Naplánovaný kontrolní bod
09-12-2020 12:19:26 Naplánovaný kontrolní bod
19-12-2020 16:22:18 Instalační služba modulů systému Windows
20-12-2020 17:05:03 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/24/2020 06:53:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6836,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2020 05:41:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3808,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2020 05:05:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (12/24/2020 05:05:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/24/2020 12:27:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8776,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2020 12:19:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8800,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2020 11:54:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11860,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2020 11:37:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9580,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (12/24/2020 05:07:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/24/2020 05:07:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (12/24/2020 05:05:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (12/24/2020 05:05:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (12/24/2020 05:05:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelIHVRouter04.dll

Error: (12/24/2020 05:04:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP JumpStart Bridge byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (12/24/2020 05:04:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/24/2020 05:04:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2020-12-24 18:51:46.976
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-24 17:40:26.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-24 17:39:49.710
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-24 17:39:48.364
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-24 17:39:47.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-24 17:39:45.367
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-24 17:39:45.077
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-24 17:39:45.036
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.44 08/07/2018
Motherboard: HP 81EF
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 79%
Total physical RAM: 4008.07 MB
Available physical RAM: 840.14 MB
Total Virtual: 4712.07 MB
Available Virtual: 1100.43 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:915.71 GB) (Free:851.78 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.83 GB) (Free:1.65 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c9746a4c-0b59-4e34-a46f-7901aee4ce66}\ () (Fixed) (Total:1.7 GB) (Free:1.14 GB) NTFS
\\?\Volume{a6e1cf0c-566a-4ae8-8420-c69e49714d43}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8E61EA2B)

Partition: GPT.

==================== End of Addition.txt =======================

Re: 100%ní využití disku

Napsal: 24 pro 2020 20:03
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {013771D7-2ACB-43B3-A61E-91A2510D1FAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {4EBA314C-1233-465E-B256-7E4EA660DB22} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DDB1FE7D-F7BA-40BD-AD37-024C53E75035} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [5046784 2017-10-24] () [File not signed]
Task: {FB6F9F10-9F28-41CF-9D4C-5CBC6B26653A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
C:\Users\Kitt\AppData\Local\{6A5CF22B-2678-4757-84A1-B92FF4789965}
C:\Users\Kitt\AppData\Local\{63E2CB70-F3BA-49ED-9625-578FBF462CCE}
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT9067.tmp
ContextMenuHandlers1: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File

EmptyTemp:
End
Uložte do C:\Users\Kitt\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: 100%ní využití disku

Napsal: 24 pro 2020 20:15
od vidlpa00
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Kitt (24-12-2020 20:09:11) Run:1
Running from C:\Users\Kitt\Downloads
Loaded Profiles: Kitt
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {013771D7-2ACB-43B3-A61E-91A2510D1FAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {4EBA314C-1233-465E-B256-7E4EA660DB22} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {DDB1FE7D-F7BA-40BD-AD37-024C53E75035} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [5046784 2017-10-24] () [File not signed]
Task: {FB6F9F10-9F28-41CF-9D4C-5CBC6B26653A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
C:\Users\Kitt\AppData\Local\{6A5CF22B-2678-4757-84A1-B92FF4789965}
C:\Users\Kitt\AppData\Local\{63E2CB70-F3BA-49ED-9625-578FBF462CCE}
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT9067.tmp
ContextMenuHandlers1: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> [CC]{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HCTE
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{013771D7-2ACB-43B3-A61E-91A2510D1FAD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{013771D7-2ACB-43B3-A61E-91A2510D1FAD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EBA314C-1233-465E-B256-7E4EA660DB22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EBA314C-1233-465E-B256-7E4EA660DB22}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{DDB1FE7D-F7BA-40BD-AD37-024C53E75035}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDB1FE7D-F7BA-40BD-AD37-024C53E75035}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB6F9F10-9F28-41CF-9D4C-5CBC6B26653A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB6F9F10-9F28-41CF-9D4C-5CBC6B26653A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Users\Kitt\AppData\Local\{6A5CF22B-2678-4757-84A1-B92FF4789965} => moved successfully
C:\Users\Kitt\AppData\Local\{63E2CB70-F3BA-49ED-9625-578FBF462CCE} => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Program Files (x86)\GUT9067.tmp => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-2883006920-4016149694-2905114558-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14785877 B
Java, Flash, Steam htmlcache => 1034 B
Windows/system/drivers => 1879030 B
Edge => 9806478 B
Chrome => 65829332 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 15398 B
NetworkService => 15398 B
defaultuser0 => 15398 B
Kitt => 57203219 B

RecycleBin => 35784 B
EmptyTemp: => 152.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:09:51 ====

Re: 100%ní využití disku

Napsal: 24 pro 2020 20:52
od Rudy
Smazáno. Nastala nějaká změna?

Re: 100%ní využití disku

Napsal: 25 pro 2020 20:43
od vidlpa00
Je to lepší, ale problém se 100%ním využitím disku nezmizel.
Celý den běžel "chkdsk /f /r" ale bohužel ani toto problém nevyřešilo.
Je ještě něco co by se dalo dělat nebo to spíše indikuje poškození HDD?
Díky.

Re: 100%ní využití disku

Napsal: 25 pro 2020 20:56
od Rudy
Který proces nejvíce zatěžuje disk?

Re: 100%ní využití disku

Napsal: 25 pro 2020 21:13
od vidlpa00
Právě že se tváří že žádný extrémně - co se týče disku.
U všech je 0, sem tam problikne něco u "system", případně avast.
Procesor a paměť to je chrome.

Re: 100%ní využití disku

Napsal: 25 pro 2020 21:56
od Rudy
Tak to nezjistíme nic. Bez toho, že budu znát konkrétní proces, který zátěž způsobuje, vám nemohu dát kvalifikovanou radu. Budete muset pokusně vypínat jednotlivé procesy. Začal bych u Avastu. Procesy lze vypnout do restartu PC ve správci úloh.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz