spomaleny notebook

Zpráva

Vasil · #1 Příspěvek od **Vasil** » 22 zář 2023 19:02

Prosim o kontrolu, notebook je spomaleny

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2023
Ran by j. zem (administrator) on JZEMBER (TOSHIBA SATELLITE C850-1DD) (22-09-2023 19:47:52)
Running from C:\Users\Jozef\Desktop\FRST64 (1).exe
Loaded Profiles: j. zem
Platform: Microsoft Windows 8.1 (Update) (X64) Language: Angličtina (Spojené kráľovstvo) -> Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (SRS Labs, Inc. -> SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(explorer.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(explorer.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (Tibaco International B.V. -> ) C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(services.exe ->) (TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(svchost.exe ->) (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(svchost.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc. -> SRS Labs, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [256408 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4140448 2023-03-08] (Opera Norway AS -> Opera Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\windows\system32\hpzlllhn.dll [48640 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\LIDIL hpzllwn7: C:\windows\system32\hpzllwn7.dll [51712 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.149\Installer\chrmstp.exe [2023-06-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {39C42C66-8864-4774-8110-43F95EF2ED56} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4947352 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
Task: {13E557EF-93EF-4773-9AC4-E657B14F6C87} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-04] (Avast Software s.r.o. -> Avast Software)
Task: {EF5F0706-7A17-4D47-BCC5-3E0A1B1124BC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe /launch (No File)
Task: {E96B0552-037B-4F56-88E8-16B1000020FD} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [File not signed]
Task: {ADA35E8C-BAD1-4E7A-B7B0-25E87225EF47} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9575ec3ace5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {E121A717-A58C-493D-9C2F-3ABAAFE76D2A} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab9dc3931892 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {60A27CE0-E30A-4661-A142-AB156ABD5F75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {60A27CE0-E30A-4661-A142-AB156ABD5F75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-24]] (Microsoft Windows -> Microsoft Corporation)
Task: {191562A5-99FC-4239-8EB5-47D730B31E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {191562A5-99FC-4239-8EB5-47D730B31E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-24]] (Microsoft Windows -> Microsoft Corporation)
Task: {35ED76AC-6DBC-4A5A-94CE-116645844F49} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {35ED76AC-6DBC-4A5A-94CE-116645844F49} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {35ED76AC-6DBC-4A5A-94CE-116645844F49} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\WINDOWS\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-24]] (Microsoft Windows -> Microsoft Corporation)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {DD2D7032-48C8-4DCB-A41D-79CEBD3D7765} - System32\Tasks\Opera scheduled assistant Autoupdate 1582819510 => C:\Program Files\Opera\launcher.exe [2635160 2023-04-27] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {2BAD1020-BFE9-46A3-B6CD-5ED1F110EC84} - System32\Tasks\Opera scheduled Autoupdate 1504726349 => C:\Program Files\Opera\launcher.exe [2635160 2023-04-27] (Opera Norway AS -> Opera Software)
Task: {89D14705-A6E4-4804-BF81-C9F21BB23CE9} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 ] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {26C895A2-626C-4FF1-8A37-022CD39C84C2} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [461272 2012-08-14] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
Task: {9EC4891A-DBCB-4F85-A3E6-F4CE314D51A2} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [1295496 2012-07-27] (TOSHIBA CORPORATION -> TOSHIBA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{186B7CCB-FC56-4E8C-9351-751EA47BEA5E}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{186B7CCB-FC56-4E8C-9351-751EA47BEA5E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E1EB523A-37CF-45D7-8D4D-0D1392E1E7DD}: [DhcpNameServer] 127.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\eavb8yya.default [2023-09-01]
FF user.js: detected! => C:\Users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\eavb8yya.default\user.js [2014-02-12]
FF NewTab: Mozilla\Firefox\Profiles\eavb8yya.default -> about:blank
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird => not found
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1504080517-992152691-4045409680-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Jozef\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2023-06-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default [2023-09-22]
CHR Notifications: Default -> hxxps://vidpop.in
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-26]
CHR Extension: (Google Search) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Download Youtube Video) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppndcnonoeolinaenhopmebikpcmicp [2017-09-06]
CHR Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-04-22]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

Opera:
=======
OPR Profile: C:\Users\Jozef\AppData\Roaming\Opera Software\Opera Stable [2023-09-22]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Jozef\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-08-24]
OPR Extension: (Opera Wallet) - C:\Users\Jozef\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Jozef\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8904088 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [587672 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [588184 2023-09-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-25] (Avast Software s.r.o. -> AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
R2 TWEService; C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe [150032 2013-08-14] (Tibaco International B.V. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31528 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [238496 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392880 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297880 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272576 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559184 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [946160 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [705480 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212680 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319568 2023-09-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-22 19:47 - 2023-09-22 19:50 - 000021935 _____ C:\Users\Jozef\Desktop\FRST.txt
2023-09-22 19:45 - 2023-09-22 19:45 - 002382848 _____ (Farbar) C:\Users\Jozef\Downloads\FRST64 (1).exe
2023-09-22 19:45 - 2023-09-22 19:45 - 002382848 _____ (Farbar) C:\Users\Jozef\Desktop\FRST64 (1).exe
2023-09-22 13:24 - 2023-09-22 13:24 - 000008016 _____ C:\Users\Jozef\Downloads\Blerta AJVAZI.vcf
2023-09-01 15:32 - 2023-09-01 15:32 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-22 19:49 - 2018-09-08 14:50 - 000000000 ____D C:\FRST
2023-09-22 19:40 - 2014-09-24 18:21 - 000005396 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-22 19:40 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2023-09-22 19:36 - 2013-01-29 20:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-22 19:33 - 2018-11-10 22:58 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-09-22 19:27 - 2018-11-10 22:54 - 000000000 ____D C:\ProgramData\AVAST Software
2023-09-22 19:27 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-22 19:26 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2023-09-21 23:17 - 2020-10-29 23:59 - 000004024 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582819510
2023-09-21 23:17 - 2019-02-16 20:45 - 000002746 _____ C:\WINDOWS\system32\Tasks\FreeDownloadManagerNetworkMonitor
2023-09-21 23:17 - 2018-12-18 01:30 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d1ab9dc3931892
2023-09-21 23:17 - 2018-12-18 01:30 - 000003538 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d1e9575ec3ace5
2023-09-21 23:17 - 2018-11-10 22:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-09-21 23:17 - 2017-09-06 21:32 - 000003844 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1504726349
2023-09-21 23:17 - 2012-12-04 11:00 - 000002982 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
2023-09-21 13:14 - 2021-08-09 16:16 - 000000000 ____D C:\Users\Jozef\Desktop\Uchádzanie sa o prácu po 23.7.2021
2023-09-21 12:58 - 2013-02-12 17:38 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\Microsoft\Word
2023-09-20 23:16 - 2021-08-06 16:41 - 000000000 ____D C:\Users\Jozef\Desktop\Rak. zamestnáv. + nasken. doklady
2023-09-01 15:32 - 2020-10-13 14:57 - 000272576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-09-01 15:32 - 2020-04-14 18:36 - 000559184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-09-01 15:32 - 2019-01-04 18:47 - 000297880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-09-01 15:32 - 2019-01-04 18:47 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-09-01 15:32 - 2018-11-10 22:57 - 000705480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-09-01 15:32 - 2018-11-10 22:57 - 000319568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-09-01 15:32 - 2018-11-10 22:57 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-09-01 15:32 - 2018-11-10 22:57 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-09-01 15:32 - 2018-11-10 22:57 - 000039648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-09-01 15:31 - 2019-01-14 18:50 - 000392880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-09-01 15:31 - 2019-01-04 18:47 - 000031528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-09-01 15:31 - 2018-11-10 22:57 - 000946160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-09-01 15:31 - 2018-11-10 22:57 - 000238496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-08-29 11:49 - 2014-04-06 12:49 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\ClassicShell
2023-08-26 13:24 - 2017-09-06 21:31 - 000000000 ____D C:\Program Files\Opera
2023-08-24 14:52 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2018-02-28 19:46 - 2018-02-28 19:46 - 000004096 ____H () C:\Users\Jozef\AppData\Local\keyfile3.drm

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2023-09-15 16:53
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-09-2023
Ran by j. zem (22-09-2023 19:54:17)
Running from C:\Users\Jozef\Desktop
Microsoft Windows 8.1 (Update) (X64) (2014-12-26 17:16:37)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1504080517-992152691-4045409680-500 - Administrator - Disabled)
Guest (S-1-5-21-1504080517-992152691-4045409680-501 - Limited - Enabled)
j. zem (S-1-5-21-1504080517-992152691-4045409680-1001 - Administrator - Enabled) => C:\Users\Jozef

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{685D17E5-D868-4A77-B58E-255DEBA78262}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.8.6078 - Avast Software)
Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft)
e0.c5.cd.c5.e8.c5.d2. (HKU\S-1-5-21-1504080517-992152691-4045409680-1001\...\JogoBox) (Version: 9b. - e0.c5.cd.c5.e8.c5.d2.84.c9.c5.c7.)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.38.7312 - FreeDownloadManager.ORG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HWiNFO64 Version 6.14 (HKLM\...\HWiNFO64_is1) (Version: 6.14 - Martin Malik - REALiX)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}) (Version: 1.24.388.1 - Intel Corporation) Hidden
Microsoft Office Access MUI (Slovak) 2007 (HKLM-x32\...\{90120000-0015-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Slovak) 2007 (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (Slovak) 2007 (HKLM-x32\...\{90120000-0044-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Slovak) 2007 (HKLM-x32\...\{90120000-001A-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Slovak) 2007 (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Hungarian) 2007 (HKLM-x32\...\{90120000-001F-040E-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Slovak) 2007 (HKLM-x32\...\{90120000-002C-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1039 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Slovak) 2007 (HKLM-x32\...\{90120000-0019-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Slovak) 2007 (HKLM\...\{90120000-002A-041B-1000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Slovak) 2007 (HKLM-x32\...\{90120000-006E-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Slovak) 2007 (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MPC-HC 1.9.23 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.23 - MPC-HC Team)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Nero BackItUp (HKLM-x32\...\{0071820F-09B0-4998-8320-F89629DCBC99}) (Version: 12.0.1000 - Nero AG) Hidden
Nero BackItUp Help (CHM) (HKLM-x32\...\{EF0D1292-8FC1-41BE-9740-DBC134F66415}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (HKLM-x32\...\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}) (Version: 12.0.12600 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (HKLM-x32\...\{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}) (Version: 12.0.3000 - Nero AG) Hidden
Nero BurnRights (HKLM-x32\...\{1001266B-D4BB-46D9-B023-2612A8CE3A31}) (Version: 12.0.3000 - Nero AG) Hidden
Nero BurnRights Help (CHM) (HKLM-x32\...\{8E7EABFA-BF37-4824-B792-4220C9E04233}) (Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.0.14800.0.48 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (HKLM-x32\...\{C994C746-C6D0-4EBA-B09E-DF7B18381B69}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.0.17600.2.3 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}) (Version: 12.0.14001 - Nero AG) Hidden
Nero Express Help (CHM) (HKLM-x32\...\{0708FF30-78C0-47B0-81F0-C84604DC769C}) (Version: 12.0.3000 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{052A1E34-A54B-458C-A4E3-24C3E054754A}) (Version: 1.18.16800 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (HKLM-x32\...\{1F16820E-D0E7-4636-939E-45CBFEFB06E1}) (Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (HKLM-x32\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}) (Version: 12.2.1000 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{B953732D-B623-4E84-B369-CFFF7B1AE06F}) (Version: 12.0.7002 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (HKLM-x32\...\{0B311221-05A5-4766-8D03-7A6446794156}) (Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 11.0.11800.31.0 - Nero AG) Hidden
Opera Stable 95.0.4635.84 (HKLM-x32\...\Opera 95.0.4635.84) (Version: 95.0.4635.84 - Opera Software)
PeaZip 4.8.1 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype verzia 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.3 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden
Zoom (HKU\S-1-5-21-1504080517-992152691-4045409680-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Cut The Rope -> C:\Program Files\WindowsApps\ZeptoLabUKLimited.CutTheRope_1.2.0.43_x86__sq9zxnwrk84pj [2014-12-26] (ZeptoLab UK Limited)
Doodle God HD Free -> C:\Program Files\WindowsApps\JoyBitsLtd.DoodleGodHDFree_1.1.0.122_x64__2687mb06qk6xe [2014-12-26] (JoyBits Ltd)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_2.0.15133.0_x86__8wekyb3d8bbwe [2016-01-12] (Microsoft Corporation)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-09-24] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x64__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.0_2.0.1410.19000_x86__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x64__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Kinect for Windows Framework -> C:\Program Files\WindowsApps\Microsoft.WindowsPreview.Kinect.8.1_2.0.1410.19000_x86__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x64__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Microsoft PlayReady -> C:\Program Files\WindowsApps\Microsoft.Internal.Media.PlayReadyClient_2.3.1678.1_x86__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-08-08] (Microsoft Studios) [MS Ad]
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x64__8wekyb3d8bbwe [2014-12-26] (Microsoft Platform Extensions Internal)
Microsoft Visual C++ Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Preview.Internal_12.0.20222.2_x86__8wekyb3d8bbwe [2014-12-26] (Microsoft Platform Extensions Internal)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2014-12-26] (Microsoft Corporation)
MSN Cestovanie -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Financie -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Jedlá a nápoje -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Správy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Šport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_2.2.38.0_x64__3s2an63h56yee [2016-02-09] (Ennova Research)
Skitch Touch -> C:\Program Files\WindowsApps\Evernote.Skitch_2.4.2000.1918_neutral__q4d96b2w5wcc2 [2014-12-26] (Evernote)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-21] (Skype) [MS Ad]
Skyscanner -> C:\Program Files\WindowsApps\Skyscanner.Skyscanner_1.4.2.0_neutral__623c9he0pwcym [2014-12-27] (Skyscanner)
TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.1.1.33_x64__679ekb9hp1h62 [2016-04-20] (sMedio)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-06] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1504080517-992152691-4045409680-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\Shell\Open\Command -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDICommandInvoker.exe (Toshiba Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1504080517-992152691-4045409680-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-15] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-15] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-09-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-02-16 20:45 - 2019-01-30 22:58 - 000037376 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\WinDivert.dll
2018-02-16 15:28 - 2015-12-01 09:22 - 000143360 ____R () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2018-02-16 15:28 - 2015-12-01 09:22 - 000087040 ____R (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2019-02-16 20:45 - 2019-01-30 22:59 - 000436224 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\common.dll
2014-04-05 14:18 - 2014-04-05 14:18 - 000803008 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2014-04-05 14:18 - 2014-04-05 14:18 - 003368128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2014-04-05 14:18 - 2014-04-05 14:18 - 000284864 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2019-02-16 20:45 - 2019-01-30 23:01 - 005938176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Core.dll
2019-02-16 20:45 - 2018-05-15 07:35 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Gui.dll
2019-02-16 20:45 - 2018-05-15 07:35 - 001256960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Network.dll
2019-02-16 20:45 - 2018-05-15 07:33 - 000207360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Sql.dll
2019-02-16 20:45 - 2018-05-15 07:38 - 005515264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Widgets.dll
2012-07-19 11:53 - 2012-07-19 11:53 - 000265728 _____ (TOSHIBA Corporation) [File not signed] C:\Program Files\TOSHIBA\Hotkey\TCrdMain.dll
2012-08-09 01:54 - 2012-08-09 01:54 - 000052224 _____ (Toshiba Corporation) [File not signed] C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=GB&userid=0e5ffeb5-ad7f-a488-195e-ce7224290223&searchtype=ds&q={searchTerms}&installDate=12/02/2014
HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-01-04 18:41 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jozef\Desktop\Cesta do Oblokovského hája.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6958003B-1C74-4DA1-AC9D-06768AE25053}] => (Allow) C:\Users\Jozef\Downloads\utorrent.exe => No File
FirewallRules: [{1E825D60-BE6E-4EB6-9269-714EEF243389}] => (Allow) C:\Users\Jozef\Downloads\utorrent.exe => No File
FirewallRules: [{E8A99C86-A487-4B05-8374-545E4B112B98}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{4B6A95B0-6BDC-4A6A-9B78-6AE128C2D8B3}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{D7CF0487-C23A-4C15-A501-0DEAAF6352EC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{2A1F6FCF-34EC-4038-8EC7-21209DCDFAFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe => No File
FirewallRules: [{2494D4AC-0C14-4862-B238-2C4B2D7B7571}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe => No File
FirewallRules: [{A7EFE70C-D9A2-4CDB-A5DC-0F505AAEFC40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe => No File
FirewallRules: [{B9916959-043D-4E8B-AF45-BCBCF5C91858}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe => No File
FirewallRules: [{3BDDC344-5A34-4B20-AE40-93BEB8F7C1D0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe => No File
FirewallRules: [{A05F6900-B23C-43B0-9472-DDF3AB6D42FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe => No File
FirewallRules: [{4D2D9BA2-F337-48CD-BC13-1AFC6C2F24FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe => No File
FirewallRules: [{1FA8B4F9-3DEC-45C1-927B-5A34BEC5147B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe => No File
FirewallRules: [{10461894-B0F5-4571-AB2E-8697F2BC438B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe => No File
FirewallRules: [{88AD4C9F-920D-4FDC-A6E2-F7E8D15FA463}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe => No File
FirewallRules: [{DB7018F4-61CD-4E46-B221-C2543F0AD4CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe => No File
FirewallRules: [{09FB595A-DE9C-45D7-8B08-FD34BFFDFCF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe => No File
FirewallRules: [{431C988D-9800-4EA1-BDDB-6299013848B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe => No File
FirewallRules: [{C6316C68-A2E6-4564-91AE-510B9063482B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe => No File
FirewallRules: [{B7A4584E-02E3-4549-9842-54F32EC77CC7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe => No File
FirewallRules: [{8EE34247-9822-4DE9-9A13-F8ED5945E313}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe => No File
FirewallRules: [{933A0454-0D90-43DB-B2AD-17E8270D1882}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe => No File
FirewallRules: [{4D22C86A-8579-4115-8E75-E6EB8BA1971E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe => No File
FirewallRules: [{0602DFE7-5BFE-449B-B1A9-E68EF1A9E3BF}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe => No File
FirewallRules: [{B3EC20E8-F76E-499E-93AA-5BEB96A62189}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe => No File
FirewallRules: [{A5B2011B-CBE4-4FB2-91C0-E061462B5943}] => (Allow) LPort=54925
FirewallRules: [{3B569C90-0500-430B-89CE-237D3CC0D67A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02C02DE8-676F-4DDA-9B58-FBA3B0ED0CE5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BCE23325-C721-4ECC-B0F8-3C4E7C9F7DB8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F593D977-CB82-4474-926F-8C973F923154}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{8D022F3A-6A93-43CB-A7DC-2CBF9D881BA1}C:\users\jozef\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{B84D143C-4460-45EB-8769-00F3353A3AC9}C:\users\jozef\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jozef\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{E54D438B-80F8-428D-9B31-0CE94E664A6B}C:\users\jozef\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\jozef\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{0D3E1101-7A90-44E7-B420-798610E29254}C:\users\jozef\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\jozef\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{9BE5CB47-60AC-4982-9A85-BB9703B0887C}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{CDDCC84A-2E33-415F-B9ED-6427B42BDF4B}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [TCP Query User{591AF322-873C-4E18-BAC5-4763806B6B64}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Block) C:\program files\freedownloadmanager.org\free download manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [UDP Query User{91E8B906-0484-446D-ABE5-42C810D6B129}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Block) C:\program files\freedownloadmanager.org\free download manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{29DA1159-8539-40F6-8155-3E1C08AF12E4}] => (Allow) C:\Users\Jozef\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{454F1592-09DB-4CBF-B929-C125660798F9}] => (Allow) C:\Users\Jozef\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{DC53F433-9C60-4FCA-9DC9-A2D244ABAD6D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D62FE7EA-9EA6-4EB3-A32C-AC7FF8240C39}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{AD78FF75-0BC1-49CB-ABD8-EF39570D8063}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{C626D9ED-33FB-4A2D-8D57-C09F566083D4}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{96BDAA6E-87CB-4638-A602-0D11DB8EF3FB}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{AEBF5531-AF60-462B-B2FD-4C129C5FCF34}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{3D0BC14D-A44A-48C3-B6D5-2B1D0D833D24}] => (Allow) C:\Program Files\Opera\95.0.4635.80\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{461442BF-AFFC-4D1D-AF2A-F46206BDC3F5}] => (Allow) C:\Program Files\Opera\95.0.4635.84\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{22A856EF-0B85-4C3A-BAAD-725899262FCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-08-2023 11:36:20 Scheduled Checkpoint
08-09-2023 22:00:38 Scheduled Checkpoint
20-09-2023 14:09:28 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (09/22/2023 07:40:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/22/2023 07:40:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/22/2023 07:33:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: assistant_installer.exe, verzia: 100.0.4815.21, časová značka: 0x64909315
Názov chybujúceho modulu: pi-ms-win-crt-string-l1-1-0.dll, verzia: 6.3.9600.17936, časová značka: 0x55a68dd1
Kód výnimky: 0xc0000135
Odstup chyby: 0x0009d4f2
Identifikácia chybujúceho procesu: 0xc50
Čas spustenia chybujúcej aplikácie: 0x01d9ed7ad4c94d30
Cesta chybujúcej aplikácie: C:\WINDOWS\TEMP\.opera\D8ECB30309D9\CProgram FilesOperaassistant\ready\assistant_installer.exe
Cesta chybujúceho modulu: pi-ms-win-crt-string-l1-1-0.dll
Identifikácia hlásenia: 182d74bf-596e-11ee-bf31-7054d259a1e7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (09/22/2023 06:40:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/22/2023 06:40:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/22/2023 01:18:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/22/2023 01:18:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/21/2023 09:08:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).

System errors:
=============
Error: (09/22/2023 08:00:23 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (09/22/2023 07:58:23 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} did not register with DCOM within the required timeout.

Error: (09/22/2023 02:01:32 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (09/22/2023 02:01:02 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (09/21/2023 09:52:22 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (09/21/2023 09:51:52 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (09/21/2023 12:36:59 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (09/21/2023 12:36:29 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Windows Defender:
================
Date: 2014-12-25 13:38:28.981
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-24 14:28:09.968
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 22:29:34.832
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 22:19:28.534
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 14:52:55.650
Description:
Windows Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2018-11-10 21:52:16.326
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Backup
Error Code: 0x80073aba
Error description: Prostriedok je príliš starý, takže nemôže byť kompatibilný.
Signature version: 1.191.879.0;1.191.879.0
Engine version: 1.1.11302.0

Date: 2018-11-10 21:48:40.920
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Backup
Error Code: 0x80073aba
Error description: Prostriedok je príliš starý, takže nemôže byť kompatibilný.
Signature version: 1.191.879.0;1.191.879.0
Engine version: 1.1.11302.0

Date: 2018-11-10 21:48:38.580
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: Prostriedok je príliš starý, takže nemôže byť kompatibilný.
Signature version: 1.191.925.0;1.191.925.0
Engine version: 1.1.11302.0

Date: 2014-12-26 18:55:54.125
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2014-12-26 18:11:53.264
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.

==================== Memory info ===========================

BIOS: Insyde Corp. 6.20 10/24/2012
Motherboard: Intel PLCSF8
Processor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
Percentage of memory in use: 34%
Total physical RAM: 8073.22 MB
Available physical RAM: 5280 MB
Total Virtual: 9353.22 MB
Available Virtual: 6313.99 MB

==================== Drives ================================

Drive c: (TI30992200A) (Fixed) (Total:455.08 GB) (Free:292.69 GB) (Model: TOSHIBA MK5075GSX) NTFS

\\?\Volume{0b384756-0187-11e2-8f1c-da3354a2d5c4}\ (System) (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{dac7cb98-0c94-4431-8fcc-9cfe0403e12b}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
\\?\Volume{8fb81932-3306-4a24-be15-78883272136d}\ (Recovery) (Fixed) (Total:9.42 GB) (Free:0.64 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **JaRon** » 23 zář 2023 12:39

Ahoj,
v tomto pripade doporucujem
1. vymenit Hdd za SSD
alebo
2. prejst na W10
prip. oboje

VIRY.CZ

spomaleny notebook

spomaleny notebook

Re: spomaleny notebook