Totalně zasekané PC
Napsal: 04 led 2023 20:32
prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Honza (administrator) on LAPTOP-21KUHUFR (HP HP Laptop 15-db0xxx) (04-01-2023 19:46:54)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza
Platform: Microsoft Windows 10 Home Version 20H2 19042.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{F38EEE2E-9760-4989-BF5F-C973A1C8C7A0}\AvastBrowserUpdateSetup.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Windows\Temp\AvastBrowserInstaller.exe1d46438e
(C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{F38EEE2E-9760-4989-BF5F-C973A1C8C7A0}\AvastBrowserUpdateSetup.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\GUM55FC.tmp\AvastBrowserUpdate.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_160c179c\instup.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\sbr.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe <2>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.15028.20160\OfficeClickToRun.exe
(C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\Honza\AppData\Local\Google\Chrome\User Data\SwReporter\96.276.200\software_reporter_tool.exe <4>
(C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\Install\{244491C0-6FED-4895-A597-35FB5A92B19A}\108.0.5359.125_chrome_installer.exe
(C:\Users\Honza\AppData\Local\Google\Update\Install\{244491C0-6FED-4895-A597-35FB5A92B19A}\108.0.5359.125_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\Install\{244491C0-6FED-4895-A597-35FB5A92B19A}\CR_B892F.tmp\setup.exe <2>
(C:\Windows\Temp\AvastBrowserInstaller.exe1d46438e ->) (Avast Software s.r.o. -> AVAST Software) C:\Windows\Temp\setup.exe1d4643cc <2>
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wusa.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe <24>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\lync.exe
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(RuntimeBroker.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365900.inf_amd64_9711e6a716b3374b\B365971\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <9>
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe <3>
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe <2>
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1371_none_7e1bd7147c8285b0\TiWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(WaaSMedicAgent.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
Failed to access process -> OfficeC2RClient.exe
Failed to access process -> OfficeC2RClient.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102824 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [Google Update] => C:\Users\Honza\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2023-01-04] (Google LLC -> Google LLC)
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26599728 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Honza\AppData\Local\Microsoft\Teams\Update.exe [2459304 2022-01-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [Opera Browser Assistant] => C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\Installer\chrmstp.exe [2022-01-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0392F175-4EBE-4B3E-888F-642556842A63} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {13654F10-8199-4173-A4FC-656FBE13A0C9} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {3F87CC9A-9188-4F1C-99B9-22FEB2AFB2B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4604DB15-967C-4B96-AB33-6960D5FBB0DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [119664 2017-09-27] (HP Inc. -> HP Inc.)
Task: {625301A4-57D7-4341-978E-42341F88A939} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {64A1B228-641B-4C15-AA2D-1E962E1C9EF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D19C32A-872C-40CD-AF92-3CDFFDB03844} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
Task: {72851F8B-81C8-41D9-A0E5-A260E63D4A60} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
Task: {7A268199-4329-4C9C-BDF3-FC0B5329BBF9} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {83903C80-4820-4A57-8B17-B0D5E783AF2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001Core" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001UA" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\HPAudioSwitch" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7ba07bbcbeb96" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-481291453-4015427652-3704319521-500" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\StartDVR" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {8B4DF70E-1830-4950-9D52-A16B27400739} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {8F0DA0B1-7E40-404A-A352-D14652A21678} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.)
Task: {98DD1769-7053-4327-9B62-B24466750C73} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {A11D846F-721B-4CC9-9AE5-594A42AEBFBD} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
Task: {A6C6460A-7327-442C-ADCF-C9465F91A47E} - System32\Tasks\Opera scheduled Autoupdate 1555534286 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software)
Task: {ADA37CB2-4D41-45E1-8468-6EA0B984F956} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC0ADCFC-8A09-4835-A0BF-E4A3F272814D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C838708C-7304-4C56-A793-F61ABC0212EF} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {C8AF950B-9A81-436C-9DE2-0BFA5E667874} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68176 2021-03-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C977022C-72F6-47FD-BF62-592535B10CA1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001Core => C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [154920 2019-09-11] (Google Inc -> Google LLC)
Task: {CF64E114-33F6-4B49-89E2-4F9E56B3A02B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60496 2021-03-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D1B3A2C1-BAC7-41F3-8920-6F0056FA6FDD} - System32\Tasks\Opera scheduled assistant Autoupdate 1557860659 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Honza\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D1FDBA41-394C-416F-A5E6-8705112FC7AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2023-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {D423DA9D-5CA2-4DFC-9AE3-523F61CAF385} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001UA => C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [154920 2019-09-11] (Google Inc -> Google LLC)
Task: {DE7CC29A-E7E2-4220-83C5-DC45695A0A93} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {E8D8F5E2-2165-4EAA-9E6E-F4DB53A1F982} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {FC6488C5-2C0D-4C98-B236-6C43683234DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF3C5612-87DA-4C1B-8DA5-7AFBB46F663C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216432 2017-09-27] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Avast Secure Browser Heartbeat Task (Hourly).job => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 192.168.1.1 10.100.1.254 8.8.8.8
Tcpip\..\Interfaces\{8e123c9b-a14d-4677-9b55-35744d1e6af3}: [DhcpNameServer] 192.168.88.1 192.168.1.1 10.100.1.254 8.8.8.8
Tcpip\..\Interfaces\{c8619953-4f4a-49c5-bd21-450210a31c58}: [DhcpNameServer] 185.163.181.194 185.163.180.102
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Honza\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-04]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2023-01-04]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-17]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-17]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-17]
CHR Extension: (Tabulky) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-06]
Opera:
=======
OPR Profile: C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable [2022-04-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\elevation_service.exe [1721904 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [679400 2018-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-27] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-04 19:46 - 2023-01-04 19:56 - 000030686 _____ C:\Users\Honza\Desktop\FRST.txt
2023-01-04 19:43 - 2023-01-04 19:52 - 000000000 ____D C:\FRST
2023-01-04 19:40 - 2023-01-04 19:41 - 002376192 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2023-01-04 19:27 - 2023-01-04 19:27 - 009564160 _____ C:\Program Files (x86)\GUT55FD.tmp
2023-01-04 19:27 - 2023-01-04 19:27 - 000000000 ____D C:\Program Files (x86)\GUM55FC.tmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-04 19:50 - 2021-10-05 18:06 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-01-04 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-04 19:36 - 2021-10-05 18:06 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2023-01-04 19:36 - 2021-10-05 18:06 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2023-01-04 19:33 - 2020-09-27 08:53 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 19:32 - 2021-10-05 18:06 - 000003734 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001UA
2023-01-04 19:32 - 2021-10-05 18:06 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001Core
2023-01-04 19:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-04 19:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-04 19:26 - 2021-08-31 19:39 - 000000000 ____D C:\Program Files\ruxim
==================== Files in the root of some directories ========
2023-01-04 19:27 - 2023-01-04 19:27 - 009564160 _____ () C:\Program Files (x86)\GUT55FD.tmp
2020-10-22 18:59 - 2020-10-22 18:59 - 000001249 _____ () C:\Users\Honza\AppData\Local\PlariumPlay.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by Honza (administrator) on LAPTOP-21KUHUFR (HP HP Laptop 15-db0xxx) (04-01-2023 19:46:54)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza
Platform: Microsoft Windows 10 Home Version 20H2 19042.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{F38EEE2E-9760-4989-BF5F-C973A1C8C7A0}\AvastBrowserUpdateSetup.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Windows\Temp\AvastBrowserInstaller.exe1d46438e
(C:\Program Files (x86)\AVAST Software\Browser\Update\Install\{F38EEE2E-9760-4989-BF5F-C973A1C8C7A0}\AvastBrowserUpdateSetup.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\GUM55FC.tmp\AvastBrowserUpdate.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_160c179c\instup.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\sbr.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe <2>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.15028.20160\OfficeClickToRun.exe
(C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\Honza\AppData\Local\Google\Chrome\User Data\SwReporter\96.276.200\software_reporter_tool.exe <4>
(C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\Install\{244491C0-6FED-4895-A597-35FB5A92B19A}\108.0.5359.125_chrome_installer.exe
(C:\Users\Honza\AppData\Local\Google\Update\Install\{244491C0-6FED-4895-A597-35FB5A92B19A}\108.0.5359.125_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\Install\{244491C0-6FED-4895-A597-35FB5A92B19A}\CR_B892F.tmp\setup.exe <2>
(C:\Windows\Temp\AvastBrowserInstaller.exe1d46438e ->) (Avast Software s.r.o. -> AVAST Software) C:\Windows\Temp\setup.exe1d4643cc <2>
(cmd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wusa.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Chrome\Application\chrome.exe <24>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\lync.exe
(explorer.exe ->) (Opera Software AS -> Opera Software) C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(RuntimeBroker.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365900.inf_amd64_9711e6a716b3374b\B365971\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <9>
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(svchost.exe ->) (Google Inc -> Google LLC) C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe <3>
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe <2>
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WaaSMedicAgent.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1371_none_7e1bd7147c8285b0\TiWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(WaaSMedicAgent.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
Failed to access process -> OfficeC2RClient.exe
Failed to access process -> OfficeC2RClient.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102824 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [Google Update] => C:\Users\Honza\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2023-01-04] (Google LLC -> Google LLC)
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26599728 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Honza\AppData\Local\Microsoft\Teams\Update.exe [2459304 2022-01-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-481291453-4015427652-3704319521-1001\...\Run: [Opera Browser Assistant] => C:\Users\Honza\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\Installer\chrmstp.exe [2022-01-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.89\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0392F175-4EBE-4B3E-888F-642556842A63} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {13654F10-8199-4173-A4FC-656FBE13A0C9} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {3F87CC9A-9188-4F1C-99B9-22FEB2AFB2B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {4604DB15-967C-4B96-AB33-6960D5FBB0DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [119664 2017-09-27] (HP Inc. -> HP Inc.)
Task: {625301A4-57D7-4341-978E-42341F88A939} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {64A1B228-641B-4C15-AA2D-1E962E1C9EF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D19C32A-872C-40CD-AF92-3CDFFDB03844} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
Task: {72851F8B-81C8-41D9-A0E5-A260E63D4A60} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
Task: {7A268199-4329-4C9C-BDF3-FC0B5329BBF9} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2502336 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {83903C80-4820-4A57-8B17-B0D5E783AF2D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001Core" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001UA" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\HPAudioSwitch" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7ba07bbcbeb96" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-481291453-4015427652-3704319521-500" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\StartDVR" /ENABLE
Task: {89F5037A-07D9-4921-9BBE-5CB3EA43BF09} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {8B4DF70E-1830-4950-9D52-A16B27400739} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-09-27] (HP Inc. -> HP Inc.)
Task: {8F0DA0B1-7E40-404A-A352-D14652A21678} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651632 2017-09-27] (HP Inc. -> HP Inc.)
Task: {98DD1769-7053-4327-9B62-B24466750C73} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {A11D846F-721B-4CC9-9AE5-594A42AEBFBD} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
Task: {A6C6460A-7327-442C-ADCF-C9465F91A47E} - System32\Tasks\Opera scheduled Autoupdate 1555534286 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software)
Task: {ADA37CB2-4D41-45E1-8468-6EA0B984F956} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC0ADCFC-8A09-4835-A0BF-E4A3F272814D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C838708C-7304-4C56-A793-F61ABC0212EF} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {C8AF950B-9A81-436C-9DE2-0BFA5E667874} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68176 2021-03-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C977022C-72F6-47FD-BF62-592535B10CA1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001Core => C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [154920 2019-09-11] (Google Inc -> Google LLC)
Task: {CF64E114-33F6-4B49-89E2-4F9E56B3A02B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60496 2021-03-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {D1B3A2C1-BAC7-41F3-8920-6F0056FA6FDD} - System32\Tasks\Opera scheduled assistant Autoupdate 1557860659 => C:\Users\Honza\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Honza\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D1FDBA41-394C-416F-A5E6-8705112FC7AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2250576 2023-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {D423DA9D-5CA2-4DFC-9AE3-523F61CAF385} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001UA => C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [154920 2019-09-11] (Google Inc -> Google LLC)
Task: {DE7CC29A-E7E2-4220-83C5-DC45695A0A93} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {E8D8F5E2-2165-4EAA-9E6E-F4DB53A1F982} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1490800 2017-09-27] (HP Inc. -> HP Inc.)
Task: {FC6488C5-2C0D-4C98-B236-6C43683234DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF3C5612-87DA-4C1B-8DA5-7AFBB46F663C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [216432 2017-09-27] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Avast Secure Browser Heartbeat Task (Hourly).job => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 192.168.1.1 10.100.1.254 8.8.8.8
Tcpip\..\Interfaces\{8e123c9b-a14d-4677-9b55-35744d1e6af3}: [DhcpNameServer] 192.168.88.1 192.168.1.1 10.100.1.254 8.8.8.8
Tcpip\..\Interfaces\{c8619953-4f4a-49c5-bd21-450210a31c58}: [DhcpNameServer] 185.163.181.194 185.163.180.102
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Honza\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-04]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2023-01-04]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-17]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-17]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-17]
CHR Extension: (Tabulky) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-01-06]
Opera:
=======
OPR Profile: C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable [2022-04-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-26]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-04] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\96.1.13589.111\elevation_service.exe [1721904 2021-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [679400 2018-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-01-15] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2019-04-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-27] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-04 19:46 - 2023-01-04 19:56 - 000030686 _____ C:\Users\Honza\Desktop\FRST.txt
2023-01-04 19:43 - 2023-01-04 19:52 - 000000000 ____D C:\FRST
2023-01-04 19:40 - 2023-01-04 19:41 - 002376192 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2023-01-04 19:27 - 2023-01-04 19:27 - 009564160 _____ C:\Program Files (x86)\GUT55FD.tmp
2023-01-04 19:27 - 2023-01-04 19:27 - 000000000 ____D C:\Program Files (x86)\GUM55FC.tmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-04 19:50 - 2021-10-05 18:06 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-01-04 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-04 19:36 - 2021-10-05 18:06 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2023-01-04 19:36 - 2021-10-05 18:06 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2023-01-04 19:33 - 2020-09-27 08:53 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 19:32 - 2021-10-05 18:06 - 000003734 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001UA
2023-01-04 19:32 - 2021-10-05 18:06 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-481291453-4015427652-3704319521-1001Core
2023-01-04 19:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-04 19:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-04 19:26 - 2021-08-31 19:39 - 000000000 ____D C:\Program Files\ruxim
==================== Files in the root of some directories ========
2023-01-04 19:27 - 2023-01-04 19:27 - 009564160 _____ () C:\Program Files (x86)\GUT55FD.tmp
2020-10-22 18:59 - 2020-10-22 18:59 - 000001249 _____ () C:\Users\Honza\AppData\Local\PlariumPlay.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
