
Preventive check of an HP laptop

Posted: 30 Jun 2021 23:06
by G1876P
Hello,

I would like to ask for a check of the FRST log. Thank you.


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{70f6a9e1-2d67-4358-b82d-7a1052a3ba68}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{bbca4167-4308-491e-b48a-09cb2078c374}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Petr Záruba\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-01]

FireFox:
========
FF DefaultProfile: xfw9pz2v.default
FF ProfilePath: C:\Users\Petr Záruba\AppData\Roaming\Mozilla\Firefox\Profiles\xfw9pz2v.default [2020-08-27]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr Záruba\AppData\Roaming\Mozilla\Firefox\Profiles\xfw9pz2v.default\Extensions\sp@avast.com.xpi [2020-01-28]
FF ProfilePath: C:\Users\Petr Záruba\AppData\Roaming\Mozilla\Firefox\Profiles\k8y0i4xx.default-release-1625090252238 [2021-07-01]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8249936 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [625432 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1381656 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [373528 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\AppHelperCap.exe [734752 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\DiagsCap.exe [733192 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\NetworkCap.exe [733216 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\SysInfoCap.exe [733720 2021-05-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_4950c0f0d48ae6e7\x64\TouchpointAnalyticsClientService.exe [489512 2021-05-14] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-03-26] (Alcorlink Corp. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216928 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [366616 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [182600 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524400 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851192 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327536 2021-06-28] (Avast Software s.r.o. -> AVAST Software)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-01 00:00 - 2021-07-01 00:01 - 000007552 _____ C:\Users\Petr Záruba\Desktop\FRST.txt
2021-06-30 23:58 - 2021-06-30 23:58 - 002300416 _____ (Farbar) C:\Users\Petr Záruba\Desktop\FRST64.exe
2021-06-30 23:57 - 2021-06-30 23:57 - 000000000 ____D C:\Users\Petr Záruba\Desktop\Původní data aplikace Firefox
2021-06-30 23:57 - 2021-06-30 23:57 - 000000000 ____D C:\Users\Petr Záruba\AppData\Local\OneDrive
2021-06-28 21:45 - 2021-06-28 21:45 - 000215384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-06-28 21:45 - 2021-06-28 21:44 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-06-25 16:43 - 2021-06-25 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-25 01:11 - 2021-06-26 01:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-22 07:22 - 2021-06-22 07:22 - 000000000 ____D C:\Users\Host\AppData\Local\ApplicationHistory
2021-06-20 22:50 - 2021-06-20 22:50 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-06-14 22:08 - 2021-06-27 00:13 - 000002262 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-06-14 22:08 - 2021-06-27 00:13 - 000002182 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-06-14 22:08 - 2021-06-14 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2021-06-14 22:07 - 2021-06-14 22:07 - 000000000 ____D C:\Program Files (x86)\AMD
2021-06-14 22:05 - 2021-04-12 09:22 - 001857224 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-14 22:05 - 2021-04-12 09:22 - 001857224 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-14 22:05 - 2021-04-12 09:22 - 001592544 _____ (AMD) C:\WINDOWS\system32\coinst_20.50.dll
2021-06-14 22:05 - 2021-04-12 09:22 - 001437896 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-14 22:05 - 2021-04-12 09:22 - 001437896 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-14 22:05 - 2021-04-12 09:22 - 001093096 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-14 22:05 - 2021-04-12 09:22 - 001093096 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-14 22:05 - 2021-04-12 09:22 - 000946272 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-14 22:05 - 2021-04-12 09:22 - 000946272 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-14 22:05 - 2021-04-12 09:22 - 000019256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-06-14 22:05 - 2021-04-12 09:22 - 000019256 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-06-14 22:05 - 2021-04-12 09:21 - 001492176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-06-14 22:05 - 2021-04-12 09:21 - 001338576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-06-14 22:05 - 2021-04-12 09:21 - 000129744 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-14 22:05 - 2021-04-12 07:56 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-06-14 22:05 - 2021-04-12 07:56 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-06-14 22:05 - 2021-04-12 07:56 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-06-14 22:05 - 2021-04-12 07:56 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-06-14 22:05 - 2021-04-12 07:56 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-06-11 21:45 - 2021-06-11 21:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-11 21:45 - 2021-06-11 21:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-11 21:45 - 2021-06-11 21:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-11 21:44 - 2021-06-11 21:44 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-11 21:44 - 2021-06-11 21:44 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-11 21:44 - 2021-06-11 21:44 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-11 21:44 - 2021-06-11 21:44 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-11 21:44 - 2021-06-11 21:44 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-11 21:44 - 2021-06-11 21:44 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-11 21:44 - 2021-06-11 21:44 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-11 21:43 - 2021-06-11 21:43 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-11 21:43 - 2021-06-11 21:43 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-11 21:43 - 2021-06-11 21:43 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-11 21:42 - 2021-06-11 21:42 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-11 21:42 - 2021-06-11 21:42 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-11 21:42 - 2021-06-11 21:42 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-11 21:42 - 2021-06-11 21:42 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-11 21:42 - 2021-06-11 21:42 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-05 09:11 - 2021-06-05 09:13 - 000000000 ____D C:\Users\Host\Desktop\2021
2021-06-03 00:19 - 2021-06-26 12:25 - 000000000 ____D C:\Users\Host\AppData\Local\Avast Software
2021-06-03 00:19 - 2021-06-03 00:19 - 000000000 ____D C:\Users\Petr Záruba\AppData\Local\Avast Software

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-01 00:00 - 2020-03-15 13:36 - 000000000 ____D C:\FRST
2021-06-30 23:59 - 2019-08-29 20:17 - 000000000 ____D C:\Users\Petr Záruba\AppData\Local\D3DSCache
2021-06-30 23:58 - 2020-01-29 00:03 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-30 23:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-30 23:58 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-30 23:57 - 2020-11-15 13:22 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2689317223-3959950762-4002007104-1001
2021-06-30 23:57 - 2020-11-15 12:33 - 000002390 _____ C:\Users\Petr Záruba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-30 23:57 - 2020-04-06 09:57 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-30 23:57 - 2020-02-12 17:52 - 000000000 ____D C:\Users\Petr Záruba\AppData\LocalLow\Mozilla
2021-06-30 23:57 - 2019-08-29 20:20 - 000000000 ___RD C:\Users\Petr Záruba\OneDrive
2021-06-30 23:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-30 23:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-30 23:55 - 2019-08-29 20:17 - 000000000 ___RD C:\Users\Petr Záruba\3D Objects
2021-06-30 23:55 - 2019-08-29 20:17 - 000000000 ____D C:\Users\Petr Záruba\AppData\Local\Packages
2021-06-30 23:55 - 2019-04-15 17:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-30 23:38 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-30 22:21 - 2020-11-15 13:24 - 001721460 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-30 22:21 - 2019-12-07 16:41 - 000717450 _____ C:\WINDOWS\system32\perfh005.dat
2021-06-30 22:21 - 2019-12-07 16:41 - 000154626 _____ C:\WINDOWS\system32\perfc005.dat
2021-06-30 22:15 - 2020-01-29 00:04 - 000000000 ____D C:\Users\Host\AppData\LocalLow\Mozilla
2021-06-30 22:14 - 2020-11-15 13:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-30 22:14 - 2020-11-15 13:11 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-30 22:14 - 2020-01-28 23:54 - 000000000 ____D C:\ProgramData\AVAST Software
2021-06-30 22:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-30 22:13 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-06-30 19:13 - 2020-11-15 13:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-30 16:26 - 2020-11-28 11:25 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bb4135da87db
2021-06-30 16:26 - 2020-11-15 13:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-29 08:28 - 2020-11-15 13:22 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-06-29 01:37 - 2020-11-14 17:39 - 000016930 _____ C:\Users\Host\Desktop\poptavky.ods
2021-06-28 21:45 - 2020-10-13 19:13 - 000182600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-06-28 21:45 - 2020-04-12 15:00 - 000524400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-06-28 21:45 - 2020-01-28 23:55 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-06-28 21:45 - 2020-01-28 23:55 - 000327536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-06-28 21:45 - 2020-01-28 23:55 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-06-28 21:45 - 2020-01-28 23:55 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-06-28 21:45 - 2020-01-28 23:55 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-06-28 21:45 - 2020-01-28 23:55 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-06-28 21:45 - 2020-01-28 23:55 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-06-28 21:45 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-28 21:44 - 2020-01-28 23:55 - 000851192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-06-28 21:44 - 2020-01-28 23:55 - 000366616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-06-28 21:44 - 2020-01-28 23:55 - 000216928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-06-28 19:38 - 2020-11-15 13:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-06-27 00:13 - 2020-11-15 13:22 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2689317223-3959950762-4002007104-1002
2021-06-26 11:58 - 2020-06-05 14:40 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-26 11:58 - 2020-06-05 14:40 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-26 11:58 - 2020-06-05 14:40 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-26 01:58 - 2020-11-15 13:11 - 000573400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-26 01:57 - 2020-01-29 00:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-26 01:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-26 01:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-26 01:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-26 01:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-26 01:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-26 01:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-26 01:56 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-26 01:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-26 01:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-26 01:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-26 01:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-26 01:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-26 01:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-26 01:03 - 2020-11-15 12:33 - 000002369 _____ C:\Users\Host\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-26 01:03 - 2020-01-28 19:02 - 000000000 ___RD C:\Users\Host\OneDrive
2021-06-25 16:43 - 2020-01-29 00:04 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-25 01:07 - 2020-06-22 21:51 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-25 01:07 - 2020-06-22 21:51 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-25 01:07 - 2020-06-22 21:51 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-06-15 19:14 - 2020-08-31 08:12 - 000000000 ____D C:\Users\Host\AppData\Local\cache
2021-06-14 22:08 - 2019-08-29 19:27 - 000000000 ____D C:\Program Files\AMD
2021-06-13 16:41 - 2020-08-15 22:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-12 00:03 - 2020-11-15 13:22 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-06-12 00:03 - 2020-11-15 13:22 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-12 00:03 - 2020-11-15 13:22 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-12 00:03 - 2020-11-15 13:22 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-11 21:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-11 21:24 - 2020-02-10 07:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-11 21:10 - 2020-02-10 07:47 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-09 21:03 - 2020-01-28 18:59 - 000000000 ____D C:\Users\Host\AppData\Local\D3DSCache
2021-06-08 16:35 - 2020-02-12 18:03 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-07 02:18 - 2020-11-15 12:33 - 000000000 ____D C:\Users\Host
2021-06-06 13:08 - 2020-01-28 23:50 - 000000000 ____D C:\Users\Host\AppData\Local\PlaceholderTileLogoFolder
2021-06-01 23:37 - 2020-04-04 11:27 - 000000000 ____D C:\Users\Host\Desktop\Doc_safe

==================== Files in the root of some directories ========

2020-06-18 14:05 - 2020-06-18 14:05 - 000001297 _____ () C:\Users\Petr Záruba\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Preventive check of an HP laptop

Posted: 30 Jun 2021 23:06
by G1876P
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2021
Ran by Petr Záruba (01-07-2021 00:02:15)
Running from C:\Users\Petr Záruba\Desktop
Windows 10 Home Version 20H2 19042.1052 (X64) (2020-11-15 11:22:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

42072 (S-1-5-21-2689317223-3959950762-4002007104-1003 - Limited - Disabled)
Administrator (S-1-5-21-2689317223-3959950762-4002007104-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2689317223-3959950762-4002007104-1006 - Limited - Enabled)
DefaultAccount (S-1-5-21-2689317223-3959950762-4002007104-503 - Limited - Disabled)
Guest (S-1-5-21-2689317223-3959950762-4002007104-501 - Limited - Disabled)
Host (S-1-5-21-2689317223-3959950762-4002007104-1002 - Limited - Enabled) => C:\Users\Host
Petr Záruba (S-1-5-21-2689317223-3959950762-4002007104-1001 - Administrator - Enabled) => C:\Users\Petr Záruba
WDAGUtilityAccount (S-1-5-21-2689317223-3959950762-4002007104-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2021.0331.2321.42035 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.30.09 - Advanced Micro Devices, Inc.)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.5.2470 - Avast Software)
Branding64 (HKLM\...\{7659552A-136F-4615-A9FA-3E3EF2CCA77C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Czech Soccer Manager (HKU\S-1-5-21-2689317223-3959950762-4002007104-1001\...\Czech Soccer Manager) (Version: - )
GIMP 2.10.20 (HKU\S-1-5-21-2689317223-3959950762-4002007104-1002\...\GIMP-2_is1) (Version: 2.10.20 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP DeskJet 2130 series Nápověda (HKLM-x32\...\{C8CCFDF2-9CB2-4714-BCE5-17178CB71646}) (Version: 35.0.0 - Hewlett Packard)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.0 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.0.0- - Inkscape)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.59 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2689317223-3959950762-4002007104-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2689317223-3959950762-4002007104-1002\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2689317223-3959950762-4002007104-1002\...\Teams) (Version: 1.3.00.24755 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Mozilla Firefox 89.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 89.0.2 (x64 cs)) (Version: 89.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 2130 series (HKLM\...\{A6640A96-7F5D-4480-8D50-F3A0BB58C096}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Základní software zařízení HP DeskJet 2130 series (HKLM\...\{E1B7356D-B08B-4B2C-A8C3-EAB12EB743DE}) (Version: 35.0.61.54677 - Hewlett-Packard Co.)

Packages:
=========
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2021-06-30] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-12] (Microsoft Corporation) [MS Ad]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-15] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2689317223-3959950762-4002007104-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-06-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1_S-1-5-21-2689317223-3959950762-4002007104-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-06-20 01:35 - 2020-06-20 01:35 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2689317223-3959950762-4002007104-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2689317223-3959950762-4002007104-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2689317223-3959950762-4002007104-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2689317223-3959950762-4002007104-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {5B7ACB8C-952C-4614-9611-9FBBFB7932C1} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {5B7ACB8C-952C-4614-9611-9FBBFB7932C1} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-2689317223-3959950762-4002007104-1001 -> {5B7ACB8C-952C-4614-9611-9FBBFB7932C1} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-02-20] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-02-20] (HP Inc. -> HP Inc.)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-08-27 17:22 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2689317223-3959950762-4002007104-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-2689317223-3959950762-4002007104-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FDAE7756-E90C-41EF-9C2E-D98054D9AB19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{97B79C6D-C289-42F4-AF36-1F115BE2F80C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{7943A5EE-381D-43B6-8230-412DB0B4FE92}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F4757A2A-3511-4A22-B152-01A7DBDFA1D7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{260E4534-8719-4585-AF91-C186EF5DCDAC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{3A0FA5C1-D0BF-41F7-871C-9407A9F0BB92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Empire Total War\Empire.exe (Sega Europe Limited -> The Creative Assembly Ltd)
FirewallRules: [{C23E3B78-5F91-4AFE-A0C5-A82D9ED89DA7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{181B35E7-73F4-4E2A-90D2-A51819726E7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3C09D623-62A0-418F-9776-BBEBE35C0EAE}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{E58A6FB3-53AA-4DA0-8567-6D16995AFDCB}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{164E1F79-17CC-4A9F-83D3-B824FD27DA11}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{78D58255-9AC4-4D7A-8121-3784C23DF759}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B653BA90-2CF9-43EA-926F-064A6337F279}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DD579D56-DFED-4575-ADFD-9ECBCB24596F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FF6ADC1-E0D7-4A39-BB94-47E12DD876D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E353C465-17CD-4AB7-899A-9D41BC606508}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2038B2B6-DE36-44D2-87EA-AFA196FDC41C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5716874D-98CD-4A71-A950-2F5A46FA8942}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65512543-B4E8-458F-9573-CD09D1223291}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B51FDF26-B49D-459F-8CA5-23B644C083A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4288DADB-A40E-4E1A-AAF3-29678EF7B400}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53F3D71E-559B-4458-91C2-AD4BB3B3BF2E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F9807866-E30D-43BB-AD03-0223D49FB8B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7F799B55-25D4-4DE2-AC35-B72FDDB382C9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46451351-C7DB-4886-9465-272A07F71CD0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.43 GB) (Free:37.23 GB) (31%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/30/2021 11:55:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 7036, identifikátor PID ProfSvc: 1312.

Error: (06/30/2021 11:55:23 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4028, identifikátor PID ProfSvc: 1312.

Error: (06/23/2021 12:49:00 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 2308, identifikátor PID ProfSvc: 1768.

Error: (06/23/2021 12:49:00 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1396, identifikátor PID ProfSvc: 1768.

Error: (06/23/2021 12:49:00 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4036, identifikátor PID ProfSvc: 1768.

Error: (06/23/2021 12:49:00 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe, identifikátor PID: 4036, identifikátor PID ProfSvc: 1768.

Error: (06/09/2021 11:15:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program svchost.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: c6c

Čas spuštění: 01d75d5edaf7a5fe

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\System32\svchost.exe

ID hlášení: 871a36be-5d9f-431b-bdd1-4ffda1311521

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (06/03/2021 12:18:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


System errors:
=============
Error: (06/30/2021 10:50:12 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-SOU2LT8G)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (06/30/2021 10:44:18 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-SOU2LT8G)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (06/30/2021 10:17:56 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-SOU2LT8G)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (06/30/2021 10:14:27 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-SOU2LT8G)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (06/30/2021 10:14:25 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-SOU2LT8G)
Description: Nelze spustit server DCOM: Microsoft.AAD.BrokerPlugin_1000.19041.1023.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider

Error: (06/30/2021 10:13:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SOU2LT8G)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/30/2021 10:13:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SOU2LT8G)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/30/2021 10:13:36 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SOU2LT8G)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2021-06-30 22:18:31
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-06-30 22:15:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Insyde F.20 05/15/2019
Motherboard: HP 84AE
Processor: AMD Ryzen 3 2200U with Radeon Vega Mobile Gfx
Percentage of memory in use: 89%
Total physical RAM: 3491.27 MB
Available physical RAM: 357.97 MB
Total Virtual: 7587.27 MB
Available Virtual: 3687.16 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118.43 GB) (Free:37.23 GB) NTFS

\\?\Volume{7d3eef50-120c-43fd-9ceb-1786b495ab1e}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{814a0e6a-e6d2-49b4-bffb-f02d541f07df}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 3625E36B)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Preventive check of an HP notebook

Posted: 03 Jul 2021 16:05
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Preventive check of an HP notebook

Posted: 07 Jul 2021 07:26
by G1876P
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-06-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-07-2021
# Duration: 00:00:15
# OS: Windows 10 Home
# Scanned: 31985
# Detected: 23


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{733266E3-63A8-431D-99FC-D9379BB8FBD9}

Re: Preventive check of an HP notebook

Posted: 07 Jul 2021 07:35
by G1876P
I apologize, in the previous post I did not copy the full text of the scan. I am attaching the result. :)

Re: Preventive check of an HP notebook

Posted: 07 Jul 2021 09:30
by Rudy
The Preinstalled items are harmless utilities from HP. There is no need to delete them. Open Notepad and copy the following into it:

Start

CloseProcesses:
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Preventive check of an HP notebook

Posted: 12 Jul 2021 08:26
by G1876P
Hello,

I apologize that it took so long; I am pasting the log below. Thank you.


Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2021
Ran by Petr Záruba (12-07-2021 09:23:16) Run:4
Running from C:\Users\Petr Záruba\Desktop
Loaded Profiles: Petr Záruba & Host
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - No File
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\PROTOCOLS\Filter\application/octet-stream => not found
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-complus => not found
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-msdownload => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 11558912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8425568 B
Java, Flash, Steam htmlcache => 132097 B
Windows/system/drivers => 8178 B
Edge => 0 B
Chrome => 0 B
Firefox => 17739358 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4672 B
NetworkService => 4672 B
Petr Záruba => 24989 B
Host => 24989 B

RecycleBin => 3660 B
EmptyTemp: => 36.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:23:23 ====

Re: Preventive check of an HP notebook

Posted: 12 Jul 2021 09:31
by Rudy
The log should be OK now.