VIRY.CZ

Dobrý den,

prosím o kontrolu přiloženého logu. Děkuji


==================== Memory info ===========================

BIOS: Hewlett-Packard 68SCF Ver. F.08 08/26/2011
Motherboard: Hewlett-Packard 161C
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 91%
Total physical RAM: 4006.36 MB
Available physical RAM: 324.21 MB
Total Virtual: 8102.36 MB
Available Virtual: 4481.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.17 GB) (Free:178.39 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{ea556af6-7159-11e4-a176-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{b1d89fcc-0000-0000-0000-40d139000000}\ () (Fixed) (Total:0.8 GB) (Free:0.24 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B1D89FCC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=818 MB) - (Type=27)

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by User (administrator) on USER-PC (Hewlett-Packard HP EliteBook 8460p) (23-04-2022 10:58:48)
Running from C:\Users\User\Desktop
Loaded Profiles: User & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\100.281.200\software_reporter_tool.exe <4>
(C:\Program Files (x86)\Google\Temp\GUM946F.tmp\GoogleUpdate.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(C:\Program Files (x86)\Google\Update\Install\{14747B01-6339-487C-8C2F-DE1B08D25B13}\GoogleUpdateSetup.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Temp\GUM946F.tmp\GoogleUpdate.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\MicrosoftEdge_X64_100.0.1185.50_100.0.1185.44.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\EDGEMITMP_392A1.tmp\setup.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\MicrosoftEdge_X64_100.0.1185.50_100.0.1185.44.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_16031778\instup.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\sbr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <42>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{14747B01-6339-487C-8C2F-DE1B08D25B13}\GoogleUpdateSetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(svchost.exe ->) (Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\avast software\overseer\overseer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2016-10-13] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2016-10-13] (Intel Corporation -> Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [sznAgent] => C:\Users\User\AppData\Roaming\Seznam Browser-be182612-c9e6-43cb-b5e9-52a10253f4ef\sznAgent\Seznam.cz.exe [168296 2021-12-08] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540400 2022-04-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us003 Langmon: C:\WINDOWS\system32\us003lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {0F2FF57F-9524-4996-BAA2-BAFD59D96419} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11C3783E-DE66-4E1B-8C7D-2D9DEE4CE1D1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752384 2021-02-25] (HP Inc. -> )
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {36A62E49-B705-4DE9-8BB2-D0D412E19468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4674752B-CE0B-4E65-8B87-CDD850C70B4F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A6E0CEF-EE0E-4442-A258-B8C71A07DCD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AF7F516-BE64-4FB7-A2A8-7279EFA515BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4CEBD837-CD6B-4066-8BED-3CE2210E461A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57D384A4-43A3-475B-AFEC-80FA025AEAE6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {58F12A66-94FD-47E1-8670-758B51B7A354} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65B383A9-BFC2-4994-AAA1-C87987D782B8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4992280 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {6FFCEEF5-2869-4261-A140-BA2CE1747629} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {70A91560-141E-49E3-9D22-E627395819B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {934CCB92-5324-494E-8B63-D264E0223497} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2296088 2022-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AA4D8F8A-DECD-42CD-90FA-B5515EB729BC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AB392A12-5D17-4BB0-841F-8F80FB7DF474} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (No File)
Task: {AB5FAAA0-6B29-41AE-8042-0BBE866D6E9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B0324F95-BCA2-42C0-A20E-7F0D9438119C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F0A3424C-E23C-4E12-AA08-F2A7EA8BD45A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {F3B3FADB-6DB6-40C5-9D8E-E82C81FF66EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9f21d08e-778b-48ff-a756-294c04d5aeb1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dca730cd-5246-456b-a0d0-7c37960977a8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ddc50129-4591-4e9e-922a-136507dcf748}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e38b3080-d786-4851-a737-1104c467905f}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-23]

FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-04-23]
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://free-message.services; hxxps://message-alert.info; hxxps://pushpush.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-03-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2016-10-13] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8483920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [564504 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [563992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-25] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2016-10-13] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228928 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [370752 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269440 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546320 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855336 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [551920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 johci; C:\WINDOWS\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-20] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-23 11:06 - 2022-04-23 11:01 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asweeabb177b1e95a80.tmp
2022-04-23 11:06 - 2022-04-23 11:00 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-23 10:58 - 2022-04-23 11:07 - 000029071 _____ C:\Users\User\Desktop\FRST.txt
2022-04-23 10:55 - 2022-04-23 11:01 - 000000000 ____D C:\FRST
2022-04-23 10:47 - 2022-04-23 10:52 - 002366976 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-04-17 09:24 - 2022-04-17 09:24 - 000171928 _____ C:\Users\User\Documents\cc_20220417_092406.reg
2022-04-15 20:51 - 2022-04-15 20:51 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 20:50 - 2022-04-15 20:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 20:49 - 2022-04-15 20:49 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 20:47 - 2022-04-15 20:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-15 19:29 - 2022-04-15 19:29 - 000000000 ___HD C:\$WinREAgent
2022-04-13 20:54 - 2022-04-13 20:54 - 001154736 _____ (Avast Software) C:\Users\User\Downloads\avast_cleanup_online_setup.exe
2022-04-09 16:08 - 2022-04-09 16:10 - 066988883 _____ C:\Users\User\Downloads\zasilka-XCR3G7Z3WUG5RSJT.zip
2022-04-08 21:20 - 2022-04-08 21:20 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-04-08 21:16 - 2022-04-08 21:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-04-08 21:14 - 2022-04-08 21:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-04-08 21:12 - 2022-04-08 21:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-04-08 21:11 - 2022-04-08 21:11 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-04-04 08:08 - 2022-04-04 08:08 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-04-03 17:05 - 2022-04-03 17:04 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-23 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-23 11:17 - 2020-08-06 12:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-23 11:17 - 2020-08-06 12:56 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-23 11:15 - 2021-12-11 17:54 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 15:12 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 14:40 - 000002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-23 11:08 - 2020-07-29 15:12 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-23 11:08 - 2017-12-10 14:42 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-23 11:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-23 11:05 - 2016-02-07 14:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-23 11:01 - 2020-10-26 13:14 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-23 11:01 - 2020-04-21 11:53 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-23 10:49 - 2017-02-13 15:41 - 000000000 ____D C:\Program Files\CCleaner
2022-04-23 10:48 - 2017-04-25 19:02 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-04-23 10:41 - 2020-07-29 14:59 - 001874804 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-23 10:41 - 2019-12-07 16:43 - 000782820 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-23 10:41 - 2019-12-07 16:43 - 000172518 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-23 10:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-23 10:33 - 2020-07-29 15:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-23 10:33 - 2020-07-29 14:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-23 10:33 - 2020-07-29 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-17 09:40 - 2017-10-10 22:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-04-17 09:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-17 09:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-17 09:22 - 2020-07-29 15:12 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C6EB98C-803D-4DAD-BC91-0B73F657AFD3}
2022-04-17 09:18 - 2020-03-09 16:52 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-04-16 11:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-15 21:43 - 2020-07-29 14:33 - 000289736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 21:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 21:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 07:43 - 2017-12-11 14:55 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-04-13 20:25 - 2015-09-03 11:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 20:21 - 2015-09-03 11:24 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-12 18:46 - 2020-07-29 15:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-12 18:37 - 2016-02-07 14:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-12 18:37 - 2016-02-07 14:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-10 08:38 - 2021-01-24 17:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-08 23:00 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-08 22:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-04-08 21:11 - 2020-07-29 14:38 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-07 08:32 - 2020-08-06 12:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 08:32 - 2020-08-06 12:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-03 17:04 - 2020-10-26 13:14 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
2022-04-03 17:04 - 2020-04-21 11:53 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp

==================== Files in the root of some directories ========

2020-10-16 09:15 - 2020-11-27 10:28 - 000001540 _____ () C:\Users\User\AppData\Roaming\debug.log
2016-07-26 13:29 - 2016-07-26 13:29 - 000000000 _____ () C:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
2016-07-27 18:20 - 2016-07-27 18:20 - 000000000 _____ () C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!
Log Addition není kompletní.

Tak druhý pokus

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by User (23-04-2022 14:20:14)
Running from C:\Users\User\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) (2020-07-29 13:14:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2312916346-564570717-1298912178-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2312916346-564570717-1298912178-503 - Limited - Disabled)
Guest (S-1-5-21-2312916346-564570717-1298912178-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2312916346-564570717-1298912178-1002 - Limited - Enabled)
User (S-1-5-21-2312916346-564570717-1298912178-1000 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2312916346-564570717-1298912178-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84238}) (Version: 1.7.38.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.38.0 - Alcor Micro Corp.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{7a06df8f-4c5a-4207-aa9e-019406e3a46d}) (Version: 17.1.0 - Intel Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.3.6008 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{7D37E9C6-0366-499E-BF14-AA0C8047559B}) (Version: 4.0.80.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.2 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Seznam Browser) (Version: 6.19.0 - Seznam.cz a.s.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.59 (13.4.2021) - HP Development Company, L.P.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.7.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.5.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.29 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.1 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-04-08] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-07-13] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-20] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-03-09] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2016-07-25 17:23 - 2016-03-24 05:56 - 002817536 _____ () [File not signed] C:\WINDOWS\system32\DlgSearchEngine.dll
2018-06-14 10:44 - 2018-06-14 10:44 - 000087552 _____ () [File not signed] C:\WINDOWS\system32\SSDEVM64.DLL
2016-10-13 11:32 - 2016-10-13 11:31 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-10-13 11:32 - 2016-10-13 11:31 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2312916346-564570717-1298912178-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2312916346-564570717-1298912178-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Bezdrátové připojení k síti: Protokol Intel® Centrino® Wireless Bluetooth® + High Speed -> amppalp (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "QLBController"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\StartupApproved\Run: => "sznAgent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1F03CF55-0242-4389-A723-F701D0B92EF8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [File not signed]
FirewallRules: [{2FD07A77-ECA8-407D-9B05-F6BC00695683}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [File not signed]
FirewallRules: [UDP Query User{E4F0A766-1FE3-43A0-874F-EC0B9EBA422D}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Block) C:\program files (x86)\samsung\easy document creator\edc.exe () [File not signed]
FirewallRules: [TCP Query User{8A4ACE17-E417-4068-A59D-941F644965F7}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Block) C:\program files (x86)\samsung\easy document creator\edc.exe () [File not signed]
FirewallRules: [{D1D7CE2A-3B3F-49DB-BACA-FCAF942D81DA}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software) [File not signed]
FirewallRules: [{7E4882F3-8269-4593-A39D-6212D5936FC9}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0E04E0B4-9CEE-40E8-A118-D825B8A78A86}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2FD1FDD3-FBAD-4F93-BB18-351A0BFDA749}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{4C9ACC8B-545B-46AC-BACE-B8E74A6B8912}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{B62046E8-09F5-4ABC-86FD-928EF589611E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7336E6E6-ABCD-4F9C-A531-DB6A488377A1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{995C4705-DCD5-4CE1-8C90-C07962B03019}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{72C4A494-7A38-4740-B83A-55363E1F82A9}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{91326404-2801-42CF-94CE-C4867B6CEB4A}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F4AFA112-1526-48ED-92A0-E759883AE6E4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{ECD61BC1-0B53-416E-BF54-DA40A6A82014}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{C711B1CF-C604-4D69-BBC0-04C941DCDFC0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4A36321A-9482-4284-8648-B54FDC0959F3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{733A95A1-7E0C-42BD-9437-09A0671B072A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A7467B3-7086-4049-B9FD-42715D308416}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{87B9E64B-14F5-4D01-854C-AC69B9DA660F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C2BE0F-BA6A-48FD-965D-4A42BFAAE200}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{42816947-43DE-4E1B-A8FB-3DB849D965E4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{1E2B2AEA-7D5D-4C04-9244-5EF6D196D062}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7DDEEF25-B81E-48AD-A714-7A72F7F33E72}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7FB66747-ACF1-46B8-B383-D01D9FEF2630}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7B61E014-FA4B-42CB-94D3-91E88AD4CBC1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7F429F55-6A5E-4E16-8FC6-78B72E0A8E88}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8D8EE581-5162-4C56-A0F1-C89068CEF9D2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BFBB018E-1347-4A0C-827F-3079A5AD15BD}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{26A7B0F3-A46B-410B-A005-7041E16686C2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1503D741-E655-4E06-BD66-D83F7B132ACD}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{68E26EDD-8731-4C98-B9EB-93695E7AC7E8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{03E689F9-E8E5-4712-A45D-4A2D525413AA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2BA9A16C-46EB-4422-BCAB-2D942A9ACB05}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0BC9E5BB-A283-4C64-B19D-237308EB685D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E3B7479B-B547-480C-840D-0153EBBD864A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0DB68751-630C-4D7E-8E80-B93234DDED58}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A7590DA8-48A7-4246-8C79-65A6D948D2C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3550869-B2ED-4D1B-BB26-3699D8CFBD90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F52B472D-F7A3-4358-BD19-6295CE9259BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55893C2F-723E-4A36-B194-A6AA0DDF9965}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8815FED-A3BE-4080-B01D-AF146AF2E780}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7A18F4B2-F4CD-414B-88E3-9573DAB51052}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A691414-979B-4B28-813B-A1E7CBA39BFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/23/2022 02:12:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/23/2022 02:06:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/23/2022 01:37:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/23/2022 01:32:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/23/2022 12:01:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (04/23/2022 10:47:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Název chybujícího modulu: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000010476
ID chybujícího procesu: 0x1474
Čas spuštění chybující aplikace: 0x01d856ee643c7370
Cesta k chybující aplikaci: C:\Program Files\IDT\WDM\sttray64.exe
Cesta k chybujícímu modulu: C:\Program Files\IDT\WDM\sttray64.exe
ID zprávy: 5a3f995f-790d-4199-b793-e2cff4054052
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/23/2022 10:45:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.722.3302.0, časové razítko: 0x62447170
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1645, časové razítko: 0x630193b4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x1970
Čas spuštění chybující aplikace: 0x01d856ee53df324b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8b52312f-451d-441e-b011-f0d9aa50db16
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (04/23/2022 10:45:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Název chybujícího modulu: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000010476
ID chybujícího procesu: 0x1474
Čas spuštění chybující aplikace: 0x01d856ee643c7370
Cesta k chybující aplikaci: C:\Program Files\IDT\WDM\sttray64.exe
Cesta k chybujícímu modulu: C:\Program Files\IDT\WDM\sttray64.exe
ID zprávy: 81d5c38b-4ef9-4d10-91e1-d5acc30872c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/23/2022 11:31:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Správce instalace zařízení neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/23/2022 11:31:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Správce instalace zařízení bylo dosaženo časového limitu (30000 ms).

Error: (04/23/2022 10:39:05 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (04/23/2022 10:35:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Software Framework Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/23/2022 10:35:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Software Framework Service bylo dosaženo časového limitu (45000 ms).

Error: (04/23/2022 10:34:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NcbService byla ukončena s následující chybou:
Zařízení připojené k systému nefunguje.

Error: (04/23/2022 10:33:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:39:31, ‎17.‎04.‎2022) bylo neočekávané.

Error: (04/17/2022 09:37:49 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.


CodeIntegrity:
===============
Date: 2022-04-23 11:07:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-04-23 10:46:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\setup\uat_3016.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-04-23 10:39:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Hewlett-Packard 68SCF Ver. F.08 08/26/2011
Motherboard: Hewlett-Packard 161C
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 83%
Total physical RAM: 4006.36 MB
Available physical RAM: 652.52 MB
Total Virtual: 8102.36 MB
Available Virtual: 2724.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.17 GB) (Free:184.96 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{ea556af6-7159-11e4-a176-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{b1d89fcc-0000-0000-0000-40d139000000}\ () (Fixed) (Total:0.8 GB) (Free:0.24 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B1D89FCC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=818 MB) - (Type=27)

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by User (administrator) on USER-PC (Hewlett-Packard HP EliteBook 8460p) (23-04-2022 14:15:21)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2016-10-13] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2016-10-13] (Intel Corporation -> Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [sznAgent] => C:\Users\User\AppData\Roaming\Seznam Browser-be182612-c9e6-43cb-b5e9-52a10253f4ef\sznAgent\Seznam.cz.exe [168296 2021-12-08] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\RunOnce: [Uninstall 22.055.0313.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\22.055.0313.0001"
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us003 Langmon: C:\WINDOWS\system32\us003lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {0F2FF57F-9524-4996-BAA2-BAFD59D96419} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11C3783E-DE66-4E1B-8C7D-2D9DEE4CE1D1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752384 2021-02-25] (HP Inc. -> )
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {36A62E49-B705-4DE9-8BB2-D0D412E19468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4674752B-CE0B-4E65-8B87-CDD850C70B4F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A6E0CEF-EE0E-4442-A258-B8C71A07DCD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AF7F516-BE64-4FB7-A2A8-7279EFA515BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4CEBD837-CD6B-4066-8BED-3CE2210E461A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57D384A4-43A3-475B-AFEC-80FA025AEAE6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {58F12A66-94FD-47E1-8670-758B51B7A354} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {6FFCEEF5-2869-4261-A140-BA2CE1747629} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {70A91560-141E-49E3-9D22-E627395819B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {934CCB92-5324-494E-8B63-D264E0223497} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2296088 2022-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AA4D8F8A-DECD-42CD-90FA-B5515EB729BC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AB392A12-5D17-4BB0-841F-8F80FB7DF474} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (No File)
Task: {AB5FAAA0-6B29-41AE-8042-0BBE866D6E9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B0324F95-BCA2-42C0-A20E-7F0D9438119C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B2104D91-9840-448E-9D33-AC0115D6A514} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4992792 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F0A3424C-E23C-4E12-AA08-F2A7EA8BD45A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {F3B3FADB-6DB6-40C5-9D8E-E82C81FF66EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9f21d08e-778b-48ff-a756-294c04d5aeb1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dca730cd-5246-456b-a0d0-7c37960977a8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ddc50129-4591-4e9e-922a-136507dcf748}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e38b3080-d786-4851-a737-1104c467905f}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-23]

FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-04-23]
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://free-message.services; hxxps://message-alert.info; hxxps://pushpush.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-03-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2016-10-13] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8483920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [564504 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [563992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-25] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2016-10-13] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36768 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228912 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [378944 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252984 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100408 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42400 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269448 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546296 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83968 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855320 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [556088 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [320904 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 johci; C:\WINDOWS\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-20] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-23 11:06 - 2022-04-23 11:01 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asweeabb177b1e95a80.tmp
2022-04-23 11:06 - 2022-04-23 11:00 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-23 10:58 - 2022-04-23 14:17 - 000026587 _____ C:\Users\User\Desktop\FRST.txt
2022-04-23 10:55 - 2022-04-23 14:16 - 000000000 ____D C:\FRST
2022-04-23 10:47 - 2022-04-23 10:52 - 002366976 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-04-17 09:24 - 2022-04-17 09:24 - 000171928 _____ C:\Users\User\Documents\cc_20220417_092406.reg
2022-04-15 20:51 - 2022-04-15 20:51 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 20:50 - 2022-04-15 20:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 20:49 - 2022-04-15 20:49 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 20:47 - 2022-04-15 20:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-15 19:29 - 2022-04-15 19:29 - 000000000 ___HD C:\$WinREAgent
2022-04-13 20:54 - 2022-04-13 20:54 - 001154736 _____ (Avast Software) C:\Users\User\Downloads\avast_cleanup_online_setup.exe
2022-04-09 16:08 - 2022-04-09 16:10 - 066988883 _____ C:\Users\User\Downloads\zasilka-XCR3G7Z3WUG5RSJT.zip
2022-04-08 21:20 - 2022-04-08 21:20 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-04-08 21:16 - 2022-04-08 21:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-04-08 21:14 - 2022-04-08 21:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-04-08 21:12 - 2022-04-08 21:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-04-08 21:11 - 2022-04-08 21:11 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-04-04 08:08 - 2022-04-04 08:08 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-04-03 17:05 - 2022-04-03 17:04 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-23 14:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-23 14:02 - 2020-07-29 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-23 13:29 - 2016-02-07 14:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-23 12:47 - 2016-02-07 14:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-23 12:47 - 2016-02-07 14:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-23 12:09 - 2020-07-29 14:59 - 001874804 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-23 12:09 - 2019-12-07 16:43 - 000782820 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-23 12:09 - 2019-12-07 16:43 - 000172518 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-23 12:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-23 12:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-23 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-23 11:26 - 2020-07-29 15:12 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C6EB98C-803D-4DAD-BC91-0B73F657AFD3}
2022-04-23 11:24 - 2020-07-29 15:12 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-23 11:24 - 2020-07-29 15:12 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-23 11:17 - 2020-08-06 12:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-23 11:17 - 2020-08-06 12:56 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-23 11:15 - 2021-12-11 17:54 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 15:12 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 14:40 - 000002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-23 11:08 - 2020-07-29 15:12 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-23 11:08 - 2017-12-10 14:42 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-23 11:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-23 11:01 - 2020-10-26 13:14 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-23 11:01 - 2020-04-21 11:53 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-23 10:49 - 2017-02-13 15:41 - 000000000 ____D C:\Program Files\CCleaner
2022-04-23 10:48 - 2017-04-25 19:02 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-04-23 10:33 - 2020-07-29 15:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-23 10:33 - 2020-07-29 14:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-17 09:40 - 2017-10-10 22:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-04-17 09:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-17 09:18 - 2020-03-09 16:52 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-04-15 21:43 - 2020-07-29 14:33 - 000289736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 21:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 21:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 07:43 - 2017-12-11 14:55 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-04-13 20:25 - 2015-09-03 11:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 20:21 - 2015-09-03 11:24 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-12 18:46 - 2020-07-29 15:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-10 08:38 - 2021-01-24 17:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-08 23:00 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-08 22:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-04-08 21:11 - 2020-07-29 14:38 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-07 08:32 - 2020-08-06 12:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 08:32 - 2020-08-06 12:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-03 17:04 - 2020-10-26 13:14 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
2022-04-03 17:04 - 2020-04-21 11:53 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp

==================== Files in the root of some directories ========

2020-10-16 09:15 - 2020-11-27 10:28 - 000001540 _____ () C:\Users\User\AppData\Roaming\debug.log
2016-07-26 13:29 - 2016-07-26 13:29 - 000000000 _____ () C:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
2016-07-27 18:20 - 2016-07-27 18:20 - 000000000 _____ () C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fixlog se vygeneroval a uložil až na třetí pokus, tak snad to k něčemu bude

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by User (24-04-2022 19:32:35) Run:3
Running from C:\Users\User\Desktop
Loaded Profiles: User & DefaultAppPool
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => not found
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0E7047-6955-45D7-8FEE-86EB1CA0D711}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C10AE92-AC22-4834-9EFD-95568F2931CB}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23F4C26D-191F-4FEE-9D33-0099C46864B5}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B1F6C5F-5A72-41B6-8A5A-EE27FF561336}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0}" => not found
"C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D611771-40ED-4AB3-8559-E0BEB7DA1E26}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C039725-2239-4000-BFF7-0D97E97A53AC}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BE24E1C-5A95-46A8-82F7-459CD8C203DE}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A661A1-BCEF-4499-868C-2E9428FBBDC3}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65D7A477-3D28-4295-9380-B8FA31A35ED2}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69D5BDA2-532D-47ED-96D6-FB7D26336996}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C1368FB-025E-43BE-97BE-92CC9E50EEF6}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EFD85D5-71A3-4E6B-8DBB-6772E8414F69}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82B7C3BD-B6A8-4172-835F-EA5DB5403FF2}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D229E57-1C30-479B-AC01-DAFA5E6AE04F}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{903CE6BC-8F14-4A36-AF7D-C0995CFC733E}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9683357B-3AED-478A-B682-BDEA880F7F9D}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9613DB0-1B81-4269-A312-CCA39046C185}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFF83838-2699-4835-93A5-306F972D790F}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3868861-B8E1-4399-A4B0-6195711708BA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B768D2F6-3249-493B-AA27-C24949E049A5}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCD33FD6-8467-42EE-8BAD-E3165403AECA}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF1EE599-1014-4629-BD7A-E0FDBC002408}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D34A9B-9DFC-4780-A056-0B6C349BA385}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D87D091F-7B72-4FE6-89D6-E5368479E745}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC955668-DA85-4F4E-8979-9547AFF8CAE5}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E932448C-5827-45A6-8430-A4E6D487FA19}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA840A15-B1E4-4671-BA50-6A385D24698C}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F54B576A-6608-432B-AFCC-74AB69AD1D21}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEDDDFC8-D130-4F40-9220-9391C2BE813E}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF91095F-0BAE-465A-805D-056A7E498287}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
idsvc => service not found.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp" => not found
"c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}" => not found
"C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11585938 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 20092 B
Edge => 0 B
Chrome => 7415089 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7774 B
NetworkService => 7774 B
User => 124068 B
DefaultAppPool => 124068 B

RecycleBin => 0 B
EmptyTemp: => 18.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:33:47 ====

OK. Nastala nějaká změna?

Start WIN určitě svižnější, ale do ideálního stavu to má ještě daleko

Ještě spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Zdravím, tak log z AdWare zde

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-25-2022
# Duration: 00:00:21
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\User\AppData\Local\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2281 octets] - [25/04/2022 20:30:06]
AdwCleaner[S01].txt - [2342 octets] - [25/04/2022 20:32:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

OK. Pokud se stále nic nezměnilo, zkuste defragmentovat disk.

Tak po defragmentaci nastalo výrazné zlepšení

Díky moc za pomoc !

Přeji hezký večer.

Hezký večer i vám a nemáte zač!