zasekaný notebook

Zpráva

tvarohak · #1 Příspěvek od **tvarohak** » 11 lis 2023 17:25

Prosím o kontrolu notebook je hrozně zasekaný. Sice je starší, ale takhle pomalí nebýval. Dik Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Jakub (administrator) on ASUS (ASUSTeK COMPUTER INC. X550CA) (11-11-2023 17:01:57)
Running from C:\Users\Jakub\Desktop\FRST64.exe
Loaded Profiles: Jakub
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E49DBA16-88E3-4E58-8DF3-8020F2B5949B}\MicrosoftEdge_X64_119.0.2151.58.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E49DBA16-88E3-4E58-8DF3-8020F2B5949B}\EDGEMITMP_A8D40.tmp\setup.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E49DBA16-88E3-4E58-8DF3-8020F2B5949B}\MicrosoftEdge_X64_119.0.2151.58.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <6>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\23.086.0423.0001\Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\23.214.1015.0001\FileSyncConfig.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(sihost.exe ->) (DAC4344D-4C49-4539-938D-A1947B946DCD -> ) C:\Program Files\WindowsApps\BOOSTUDIOLLC.METROCOMMANDER_1.3.86.0_x64__b6e429xa66pga\AppService\AppService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.401.391.0.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
Failed to access process -> chrome.exe
Failed to access process -> chrome.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [782648 2023-11-10] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [64958880 2023-11-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\MountPoints2: {04ca7fba-2332-11e5-824f-806e6f6e6963} - "E:\Msetup4.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.124\Installer\chrmstp.exe [2023-11-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D07CE959-0BA7-4CAC-9FE9-B6DCCF2BA706} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {B0980F8F-DBEC-46E3-A8CF-44464D6AE353} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [1196416 2012-10-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {2A2608AC-CA79-421A-AEB6-E39BAFF161D9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {22B8200F-26C4-45CD-AAFF-BA28D2D1E9A9} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {4EC83FEA-DB01-45F1-B88A-EC06C90176B1} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54488 2012-11-28] (ASUSTeK Computer Inc. -> ASUS)
Task: {748BDBB3-F881-4370-AE5C-706E7A172102} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [176240 2013-02-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {C2BB92AB-D60D-4AB5-AACE-F44DE806962E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {91789012-028B-46F5-9064-AC475063B439} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040 2013-01-04] (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {4E1DB559-968E-4495-9994-382103AB5C3E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {EF8DB7B9-9507-4BA9-B2F0-EDF3065A1972} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-03] (Avast Software s.r.o. -> Avast Software)
Task: {E0C94CCE-E967-43EB-89EA-49716CD4A6F7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {A3EE3058-83CB-4520-8769-1B15EA90D492} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {CDF876EB-2155-42C9-B096-6BF5432D46F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {56DB858D-8296-4819-8DF9-3778FEA4A9A5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "31a860de-38ee-40ec-922e-32611f202fb2" --version "6.15.10623" --silent
Task: {34C35A38-ACA4-4B5B-8186-0A001D0BDE32} - System32\Tasks\CCleanerSkipUAC - Jakub => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A9203B74-B608-4B38-B6C8-75F89C6BD4C6} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené\esetonlinescanner.exe LOGON (No File)
Task: {703EED6C-EF38-46E3-A248-5F4F99E2EE6B} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené\esetonlinescanner.exe SCHED (No File)
Task: {35E30EE8-773C-4957-8F89-E0B82BA9B6FB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem120.0.6077.0{63ADBEDC-2415-4C40-B6D5-6A35F305C3F8} => C:\Program Files (x86)\Google\GoogleUpdater\120.0.6077.0\updater.exe [4580640 2023-10-19] (Google LLC -> Google LLC) <==== ATTENTION
Task: {BF13221D-DAD5-4806-810D-EB1A88BE81DA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem121.0.6102.0{EE8A11A1-A247-4773-9E44-4E1658AEBA9A} => C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC) <==== ATTENTION
Task: {2AA6863D-DF44-4FF0-93CF-FE4589ABC8F2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {A8AB565B-48E9-4897-B689-7CE4727FFC69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F04DAB2F-849D-4F9A-9D8A-8F9E218E39AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F49B7FB-3279-4DCF-8C2E-6CF5C49D7063} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57B04265-8AF8-4030-AC7B-5D044729F673} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {0D048788-533F-4767-96F2-76A70B85E73A} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe /partnerid=adobe /productlist=nss /staging=false /delay=0 /launchedby=4 (No File)
Task: {BE10C420-FC54-46AE-B16C-ED22B4FDB68C} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [149712 2021-10-14] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\Norton Product InstallerIdle.job => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8e32880e-1f1f-4a9c-b520-eb6b0ea008cf}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b793d6cc-0e97-47d2-b326-8bca3cde91cd}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jakub\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Jakub\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-04]

FireFox:
========
FF DefaultProfile: v1d9bxxy.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\v1d9bxxy.default [2020-08-16]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default [2023-11-11]
CHR Extension: (Just Black) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-08-28]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-11]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-01]
CHR HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUSTeK Computer Inc. -> ASUS)
R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
S2 GoogleUpdaterInternalService120.0.6077.0; C:\Program Files (x86)\Google\GoogleUpdater\120.0.6077.0\updater.exe [4580640 2023-10-19] (Google LLC -> Google LLC)
S2 GoogleUpdaterInternalService121.0.6102.0; C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC)
S2 GoogleUpdaterService120.0.6077.0; C:\Program Files (x86)\Google\GoogleUpdater\120.0.6077.0\updater.exe [4580640 2023-10-19] (Google LLC -> Google LLC)
S2 GoogleUpdaterService121.0.6102.0; C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC)
S3 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-13] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446328 2023-07-31] (Canon Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-09-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-11 17:01 - 2023-11-11 17:06 - 000025363 _____ C:\Users\Jakub\Desktop\FRST.txt
2023-11-10 17:13 - 2023-11-10 17:13 - 000000000 ____D C:\Users\Jakub\AppData\Local\cache
2023-11-10 17:10 - 2023-11-10 17:14 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\FreeCAD
2023-11-10 17:08 - 2023-11-10 17:08 - 000000970 _____ C:\Users\Public\Desktop\FreeCAD 0.21.lnk
2023-11-10 17:08 - 2023-11-10 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.21
2023-11-10 16:51 - 2023-11-10 16:56 - 515586285 _____ (FreeCAD Team) C:\Users\Jakub\Downloads\FreeCAD-0.21.1-WIN-x64-installer-1.exe
2023-11-10 16:48 - 2023-11-10 16:48 - 000000000 ____D C:\ProgramData\PLUG
2023-10-23 13:53 - 2023-10-23 13:55 - 105351680 _____ C:\Users\Jakub\Downloads\straspytlici-3775.bnl
2023-10-23 13:50 - 2023-10-23 13:50 - 000000000 ___HD C:\$WinREAgent
2023-10-13 13:55 - 2023-10-13 13:56 - 028712960 _____ C:\Users\Jakub\Downloads\bagr-mates-3557.bnl

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-11 17:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-11 17:04 - 2017-11-08 20:17 - 000000000 ____D C:\FRST
2023-11-11 17:02 - 2021-12-15 19:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3768943390-3512815649-1483587873-1001
2023-11-11 17:01 - 2023-03-30 20:07 - 000002419 _____ C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-11 17:01 - 2020-09-13 16:28 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3768943390-3512815649-1483587873-1001
2023-11-11 17:00 - 2018-11-16 19:39 - 002383872 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2023-11-11 17:00 - 2017-11-13 20:08 - 000000000 ____D C:\Users\Jakub\Desktop\FRST-OlderVersion
2023-11-11 16:59 - 2021-12-18 22:45 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-11 16:59 - 2015-06-28 15:36 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-11 16:59 - 2015-06-28 15:36 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-11 16:54 - 2020-09-13 16:28 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8B8C8830-3EC5-4157-9BE7-1C5A2017BE38}
2023-11-11 16:54 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-11 16:50 - 2020-09-13 15:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-10 17:38 - 2020-06-03 21:52 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-10 17:38 - 2020-06-03 21:52 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-11-10 17:26 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-10 17:21 - 2020-09-13 16:28 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-10 17:21 - 2020-09-13 16:28 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-10 17:19 - 2016-09-27 18:44 - 000000000 ____D C:\Program Files\CCleaner
2023-11-10 17:18 - 2018-01-29 22:22 - 000000000 ____D C:\Users\Jakub\AppData\Local\Packages
2023-11-10 17:05 - 2020-09-13 16:28 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-10 16:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-10 16:58 - 2023-05-09 12:23 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-11-10 16:58 - 2023-05-09 12:23 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-11-10 16:51 - 2020-09-13 16:17 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-10 16:51 - 2019-12-07 15:41 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-10 16:51 - 2019-12-07 15:41 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-10 16:51 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-10 16:48 - 2017-04-17 11:56 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2023-11-10 16:48 - 2015-06-28 15:21 - 000000074 _____ C:\Users\Jakub\AppData\Roaming\sp_data.sys
2023-11-10 16:47 - 2023-02-09 21:05 - 000000000 ____D C:\Program Files\RUXIM
2023-11-10 16:45 - 2020-09-13 16:28 - 000002332 _____ C:\WINDOWS\system32\Tasks\ASUS P4G
2023-11-10 16:45 - 2020-09-13 16:28 - 000002258 _____ C:\WINDOWS\system32\Tasks\AsusVibeSchedule
2023-11-10 16:45 - 2020-09-13 16:28 - 000002248 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2023-11-10 16:45 - 2020-09-13 16:28 - 000002130 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ColorU
2023-11-10 16:45 - 2020-09-13 16:28 - 000002114 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2023-11-10 16:45 - 2020-09-13 16:28 - 000002068 _____ C:\WINDOWS\system32\Tasks\ASUS InstantOn Config
2023-11-10 16:43 - 2015-11-16 22:12 - 000000000 __SHD C:\Users\Jakub\IntelGraphicsProfiles
2023-11-10 16:42 - 2020-09-13 16:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-10 16:42 - 2020-09-13 15:58 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-23 14:00 - 2015-06-30 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-23 13:58 - 2015-06-30 20:07 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-23 13:46 - 2020-09-13 16:01 - 000000000 ____D C:\Users\Jakub

==================== Files in the root of some directories ========

2015-06-28 15:21 - 2023-11-10 16:48 - 000000074 _____ () C:\Users\Jakub\AppData\Roaming\sp_data.sys
2015-11-26 18:17 - 2015-11-26 18:17 - 000000017 _____ () C:\Users\Jakub\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

tvarohak · #2 Příspěvek od **tvarohak** » 11 lis 2023 17:26

Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-11-10 17:21:56
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1174.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

Date: 2023-11-10 17:05:24
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1174.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X550CA.209 07/09/2013
Motherboard: ASUSTeK COMPUTER INC. X550CA
Processor: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
Percentage of memory in use: 85%
Total physical RAM: 3981.74 MB
Available physical RAM: 582.64 MB
Total Virtual: 4813.74 MB
Available Virtual: 1224.34 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.53 GB) (Free:109.49 GB) (Model: HGST HTS545050A7E680) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:201.85 GB) (Model: HGST HTS545050A7E680) NTFS

\\?\Volume{18e4c5e1-0d65-4b87-9fa8-2e9170dbfe6f}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.52 GB) NTFS
\\?\Volume{3cf77605-1d87-4254-bcd4-115899bdfb20}\ () (Fixed) (Total:0.78 GB) (Free:0.2 GB) NTFS
\\?\Volume{f3620292-a897-46ca-b0ab-ad3fa6c797ba}\ (Restore) (Fixed) (Total:20.01 GB) (Free:8.28 GB) NTFS
\\?\Volume{6cfa5ffd-0e06-4fdc-b7fb-128c2f484337}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 32FAA5A0)

Partition: GPT.

==================== End of Addition.txt =======================

#3 Příspěvek od **Rudy** » 11 lis 2023 17:47

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

tvarohak · #4 Příspěvek od **tvarohak** » 12 lis 2023 18:39

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-12-2023
# Duration: 00:00:54
# OS: Windows 10 (Build 19045.2965)
# Cleaned: 44
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSInstantOn Folder C:\Program Files (x86)\ASUS\ASUS INSTANTON
Deleted Preinstalled.ASUSInstantOn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE10C420-FC54-46AE-B16C-ED22B4FDB68C}

#5 Příspěvek od **Rudy** » 12 lis 2023 18:43

Dejte nové logy FRST+Addition.

tvarohak · #6 Příspěvek od **tvarohak** » 13 lis 2023 18:57

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Ran by Jakub (administrator) on ASUS (ASUSTeK COMPUTER INC. X550CA) (13-11-2023 18:43:47)
Running from C:\Users\Jakub\Desktop\FRST64.exe
Loaded Profiles: Jakub
Platform: Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\MountPoints2: {04ca7fba-2332-11e5-824f-806e6f6e6963} - "E:\Msetup4.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.124\Installer\chrmstp.exe [2023-11-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {D07CE959-0BA7-4CAC-9FE9-B6DCCF2BA706} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-21] (Adobe Inc. -> Adobe Inc.)
Task: {B0980F8F-DBEC-46E3-A8CF-44464D6AE353} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (No File)
Task: {2A2608AC-CA79-421A-AEB6-E39BAFF161D9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS)
Task: {C2BB92AB-D60D-4AB5-AACE-F44DE806962E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {4E1DB559-968E-4495-9994-382103AB5C3E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {EF8DB7B9-9507-4BA9-B2F0-EDF3065A1972} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-03] (Avast Software s.r.o. -> Avast Software)
Task: {E0C94CCE-E967-43EB-89EA-49716CD4A6F7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {A3EE3058-83CB-4520-8769-1B15EA90D492} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {4B5B845C-523C-4C61-B419-2266E9907572} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3DEB7682-A529-49CB-BAE9-080545A3AA4C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "31a860de-38ee-40ec-922e-32611f202fb2" --version "6.17.10746" --silent
Task: {34C35A38-ACA4-4B5B-8186-0A001D0BDE32} - System32\Tasks\CCleanerSkipUAC - Jakub => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A9203B74-B608-4B38-B6C8-75F89C6BD4C6} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené\esetonlinescanner.exe LOGON (No File)
Task: {703EED6C-EF38-46E3-A248-5F4F99E2EE6B} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené\esetonlinescanner.exe SCHED (No File)
Task: {BF13221D-DAD5-4806-810D-EB1A88BE81DA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem121.0.6102.0{EE8A11A1-A247-4773-9E44-4E1658AEBA9A} => C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC) <==== ATTENTION
Task: {2AA6863D-DF44-4FF0-93CF-FE4589ABC8F2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {5838F23B-FA93-4267-919E-7194DD8ADA07} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2E1B162A-255E-484A-A90A-24B358CCACDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EAEAC38A-4BE0-456B-8E78-EF06B45C1A9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {89A59141-29E6-4BB0-9D63-BACEEFFB704A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {0D048788-533F-4767-96F2-76A70B85E73A} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe /partnerid=adobe /productlist=nss /staging=false /delay=0 /launchedby=4 (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\Norton Product InstallerIdle.job => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8e32880e-1f1f-4a9c-b520-eb6b0ea008cf}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b793d6cc-0e97-47d2-b326-8bca3cde91cd}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jakub\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Jakub\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-04]

FireFox:
========
FF DefaultProfile: v1d9bxxy.default
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\v1d9bxxy.default [2020-08-16]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> D:\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default [2023-11-13]
CHR Extension: (Just Black) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2021-08-28]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-11]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-01]
CHR HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-21] (Adobe Inc. -> Adobe Inc.)
S3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-15] (AVAST Software s.r.o. -> AVAST Software)
S2 GoogleUpdaterInternalService121.0.6102.0; C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC)
S2 GoogleUpdaterService121.0.6102.0; C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC)
S3 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2466448 2012-09-13] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446328 2023-07-31] (Canon Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
R3 MpKsl9522c60f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E93C9E1-31F1-4D3C-8806-96CAA22F7CA2}\MpKslDrv.sys [263560 2023-11-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-13 18:43 - 2023-11-13 18:46 - 000018528 _____ C:\Users\Jakub\Desktop\FRST.txt
2023-11-13 16:54 - 2023-11-13 16:57 - 732190720 _____ C:\Users\Jakub\Downloads\RRRRrrrr_Gagarin.avi
2023-11-13 06:49 - 2023-11-13 06:49 - 000000000 ___HD C:\$WinREAgent
2023-11-12 16:59 - 2023-11-12 16:59 - 008791352 _____ (Malwarebytes) C:\Users\Jakub\Desktop\adwcleaner.exe
2023-11-11 18:03 - 2023-11-11 18:03 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\Trimble Connect for SketchUp
2023-11-11 17:49 - 2023-11-11 17:49 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\SketchUp
2023-11-11 17:49 - 2023-11-11 17:49 - 000000000 ____D C:\Users\Jakub\AppData\Local\SketchUp
2023-11-11 17:49 - 2023-11-11 17:49 - 000000000 ____D C:\ProgramData\Reprise
2023-11-11 17:47 - 2023-11-11 17:47 - 000001221 _____ C:\Users\Public\Desktop\Style Builder.lnk
2023-11-11 17:47 - 2023-11-11 17:47 - 000001147 _____ C:\Users\Public\Desktop\LayOut 2022.lnk
2023-11-11 17:47 - 2023-11-11 17:47 - 000001054 _____ C:\Users\Public\Desktop\SketchUp Pro 2022.lnk
2023-11-11 17:47 - 2023-11-11 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2022
2023-11-11 17:45 - 2023-11-11 17:45 - 000000000 ____D C:\ProgramData\SketchUp
2023-11-11 17:45 - 2023-11-11 17:45 - 000000000 ____D C:\Program Files\SketchUp
2023-11-11 17:43 - 2023-11-11 17:43 - 000000000 ____D C:\Users\Jakub\AppData\Local\Downloaded Installations
2023-11-11 17:31 - 2023-11-11 17:33 - 265134688 _____ (Trimble, Inc.) C:\Users\Jakub\Downloads\SketchUpPro-2022-0-354-126.exe
2023-11-10 17:13 - 2023-11-10 17:13 - 000000000 ____D C:\Users\Jakub\AppData\Local\cache
2023-11-10 17:10 - 2023-11-10 17:14 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\FreeCAD
2023-11-10 17:08 - 2023-11-10 17:08 - 000000970 _____ C:\Users\Public\Desktop\FreeCAD 0.21.lnk
2023-11-10 17:08 - 2023-11-10 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.21
2023-11-10 16:51 - 2023-11-10 16:56 - 515586285 _____ (FreeCAD Team) C:\Users\Jakub\Downloads\FreeCAD-0.21.1-WIN-x64-installer-1.exe
2023-11-10 16:48 - 2023-11-10 16:48 - 000000000 ____D C:\ProgramData\PLUG

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-11-13 18:45 - 2020-09-13 16:28 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8B8C8830-3EC5-4157-9BE7-1C5A2017BE38}
2023-11-13 18:45 - 2017-11-08 20:17 - 000000000 ____D C:\FRST
2023-11-13 18:42 - 2020-09-13 15:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-13 09:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-13 08:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-13 06:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-13 06:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-13 06:31 - 2020-06-03 21:52 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-13 06:31 - 2020-06-03 21:52 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-11-13 06:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-13 06:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-12 18:35 - 2016-09-27 18:44 - 000000000 ____D C:\Program Files\CCleaner
2023-11-12 18:25 - 2015-11-16 22:15 - 000000000 ____D C:\Users\Jakub\AppData\Local\Publishers
2023-11-12 18:20 - 2018-07-09 19:08 - 000000000 ____D C:\ProgramData\Packages
2023-11-12 18:20 - 2018-01-29 22:22 - 000000000 ____D C:\Users\Jakub\AppData\Local\Packages
2023-11-12 18:06 - 2021-01-24 20:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-12 17:53 - 2020-09-13 16:17 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-12 17:53 - 2019-12-07 15:41 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2023-11-12 17:53 - 2019-12-07 15:41 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2023-11-12 17:53 - 2018-08-04 16:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-12 17:51 - 2023-05-16 06:13 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-11-12 17:51 - 2023-05-16 06:13 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-11-12 17:51 - 2020-09-13 16:28 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-11-12 17:51 - 2020-09-13 16:28 - 000002332 _____ C:\WINDOWS\system32\Tasks\ASUS P4G
2023-11-12 17:51 - 2020-09-13 16:28 - 000002248 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2023-11-12 17:51 - 2020-09-13 16:28 - 000002068 _____ C:\WINDOWS\system32\Tasks\ASUS InstantOn Config
2023-11-12 17:49 - 2015-11-16 22:12 - 000000000 __SHD C:\Users\Jakub\IntelGraphicsProfiles
2023-11-12 17:45 - 2020-09-13 15:58 - 000259768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-12 17:44 - 2020-09-13 16:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-12 17:44 - 2020-09-13 15:58 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-12 17:43 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-12 17:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-12 17:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-12 17:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-12 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-12 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-11-12 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-12 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-11-12 17:22 - 2020-09-13 16:01 - 000000000 ____D C:\Users\Jakub
2023-11-12 17:21 - 2019-08-11 11:01 - 000000000 ____D C:\ProgramData\ASUS
2023-11-12 17:21 - 2013-07-30 18:05 - 000000000 ____D C:\Program Files\ASUS
2023-11-12 17:21 - 2013-05-01 12:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2023-11-12 17:21 - 2013-05-01 12:16 - 000000000 ____D C:\Program Files (x86)\ASUS
2023-11-12 17:10 - 2020-09-13 16:03 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-11 17:48 - 2013-07-30 17:43 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-11-11 17:44 - 2016-01-12 19:51 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-11 17:02 - 2021-12-15 19:35 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3768943390-3512815649-1483587873-1001
2023-11-11 17:01 - 2023-03-30 20:07 - 000002419 _____ C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-11 17:01 - 2020-09-13 16:28 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3768943390-3512815649-1483587873-1001
2023-11-11 17:00 - 2018-11-16 19:39 - 002383872 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2023-11-11 17:00 - 2017-11-13 20:08 - 000000000 ____D C:\Users\Jakub\Desktop\FRST-OlderVersion
2023-11-11 16:59 - 2021-12-18 22:45 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-11 16:59 - 2015-06-28 15:36 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-11 16:59 - 2015-06-28 15:36 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-10 17:21 - 2020-09-13 16:28 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-11-10 17:21 - 2020-09-13 16:28 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-11-10 17:05 - 2020-09-13 16:28 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-10 16:58 - 2023-05-09 12:23 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-11-10 16:58 - 2023-05-09 12:23 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-11-10 16:48 - 2017-04-17 11:56 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2023-11-10 16:48 - 2015-06-28 15:21 - 000000074 _____ C:\Users\Jakub\AppData\Roaming\sp_data.sys
2023-11-10 16:47 - 2023-02-09 21:05 - 000000000 ____D C:\Program Files\RUXIM
2023-10-23 14:00 - 2015-06-30 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-23 13:58 - 2015-06-30 20:07 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2015-06-28 15:21 - 2023-11-10 16:48 - 000000074 _____ () C:\Users\Jakub\AppData\Roaming\sp_data.sys
2015-11-26 18:17 - 2015-11-26 18:17 - 000000017 _____ () C:\Users\Jakub\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

tvarohak · #7 Příspěvek od **tvarohak** » 13 lis 2023 18:58

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by Jakub (13-11-2023 18:51:11)
Running from C:\Users\Jakub\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) (2020-09-13 15:29:52)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3768943390-3512815649-1483587873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3768943390-3512815649-1483587873-503 - Limited - Disabled)
Guest (S-1-5-21-3768943390-3512815649-1483587873-501 - Limited - Disabled)
Jakub (S-1-5-21-3768943390-3512815649-1483587873-1001 - Administrator - Enabled) => C:\Users\Jakub
WDAGUtilityAccount (S-1-5-21-3768943390-3512815649-1483587873-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20360 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Call of Duty - World at War (HKLM-x32\...\{2775C25A-DF39-44AA-8E59-E0447DC164C2}) (Version: 1.00.0000 - Modern)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.5.1 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
FreeCAD 0.21.1 (HKLM\...\FreeCAD0211) (Version: 0.21.1 - FreeCAD Team)
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.124 - Google LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}) (Version: 1.24.388.1 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.58 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\OneDriveSetup.exe) (Version: 23.214.1015.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.23.27820 (HKLM\...\{9CA7111B-263D-45DE-B898-61FAD30B3237}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.23.27820 (HKLM\...\{A94EC1B2-932B-49D7-8AF2-4FBD29FF314B}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Photo Common (HKLM-x32\...\{0DF95460-2887-4011-9344-1959CDF18ADC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{49110532-D289-4BFF-807C-45B782E66A7C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{AA82E5EF-70C2-41CB-8432-309078304CBB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{C67BC332-A59A-4D40-977F-664F60AB21D8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{EB91007A-0110-42A6-B869-2709955A9B2A}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{30F99474-EBE3-4134-A02B-F6CD38CFE243}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{63824BC0-B747-43F3-9863-1066D64AD919}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG3600 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3600 series) (Version: - ‭Canon Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SketchUp Pro 2022 (HKLM-x32\...\{c631706c-1735-11ec-9621-0242ac130015}) (Version: 22.0.354 - Trimble, Inc.)
SketchUpPro 2022 (HKLM\...\{898ed298-4bc7-f67e-2e5b-6202a980787a}) (Version: 22.0.354.126 - SketchUp) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows Live Communications Platform (HKLM-x32\...\{0454BB9A-2A7A-4214-BDFF-937F7A711A44}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{FE7C0B3D-50B9-4951-BE78-A321CBF86552}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{4CCBD1F4-CEEC-452A-9CB8-46564B501315}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{56232E3D-7EA9-45E0-A371-26CD80510AF7}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E18F981B-401C-4D90-BC57-D8903564D558}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-10] ()
ASUS Welcome -> C:\Program Files\WindowsApps\B9ECED6F.ASUSWelcome_1.0.1.0_x64__qmba6cd70vzyy [2015-11-16] (ASUSTeK COMPUTER INC.)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-09] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-12] (HP Inc.)
Metro Commander -> C:\Program Files\WindowsApps\BOOSTUDIOLLC.METROCOMMANDER_1.3.86.0_x64__b6e429xa66pga [2020-05-21] (Finebits OÜ) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3768943390-3512815649-1483587873-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3768943390-3512815649-1483587873-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\stažené\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\stažené\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSContextMenu.DLL [2012-12-19] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\stažené\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\stažené\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-02-19 12:44 - 2015-01-09 08:45 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_CSY.DLL
2023-02-19 12:44 - 2015-01-09 08:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2023-02-19 12:07 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
DPF: HKLM-x32 {53049A9A-1122-4673-B8D4-12F545AE3285} hxxp://slkostelcam.coolnet.cz/AVC_AX_764.cab

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 20:06 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-02-03 15:16 - 2018-02-14 20:51 - 000000434 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\skoda-fabia-r5-2015-1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3768943390-3512815649-1483587873-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{47086E7B-0352-42A7-913D-A6066E97E82C}D:\call of duty 4 modern warfare\iw3mp.exe] => (Block) D:\call of duty 4 modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [TCP Query User{69691007-177C-4C13-8C26-348AE5F485E7}D:\call of duty 4 modern warfare\iw3mp.exe] => (Block) D:\call of duty 4 modern warfare\iw3mp.exe () [File not signed]
FirewallRules: [UDP Query User{49EAB404-DE66-4567-A01B-46A3C343C8A5}D:\stažené\cod 5\codwaw.exe] => (Block) D:\stažené\cod 5\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [TCP Query User{40A0A809-7944-4A89-9E9F-FEFD151CF194}D:\stažené\cod 5\codwaw.exe] => (Block) D:\stažené\cod 5\codwaw.exe (Activision Blizzard, Inc.) [File not signed]
FirewallRules: [{075A4F28-4C29-4F00-8A1A-8F9D4F92CD88}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{4852027A-47DC-4EAD-9D92-941A69CFC71E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{ED47EE4B-2F5E-487E-A08B-B133988AC2E4}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F571F071-09CB-4EE7-8AFD-CD8849DE4B2A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B26A75DB-4604-4E2F-8711-CA18A79C75E8}D:\stažené\call of duty 2\cod2mp_s.exe] => (Block) D:\stažené\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{B7F2F34B-1D12-46E6-A654-9655B60779F8}D:\stažené\call of duty 2\cod2mp_s.exe] => (Block) D:\stažené\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{FD978CC3-9EED-4CA3-A90C-B0DD2A784958}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [UDP Query User{151534BA-9E9B-403A-BFB4-59BDA2E90AD5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [TCP Query User{E99C9FB4-82FA-4EF0-819B-B14E48516890}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [UDP Query User{69DAE441-724E-4575-AD61-BE181F15C2D5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [TCP Query User{00CD9F41-8DFF-4F4B-8224-6CC474AF07FD}D:\stažené\cod 5\codwawmp.exe] => (Block) D:\stažené\cod 5\codwawmp.exe (Activision Publishing -> Activision Blizzard, Inc.)
FirewallRules: [UDP Query User{DEE55550-3072-45F6-861F-F4325B6DF145}D:\stažené\cod 5\codwawmp.exe] => (Block) D:\stažené\cod 5\codwawmp.exe (Activision Publishing -> Activision Blizzard, Inc.)
FirewallRules: [{78CFD4D0-4E4F-4BC6-8E54-0E23778D87A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{BEA3EE59-9AA5-4EC0-8C7F-8927958B3FFC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{3674B2AE-B2BB-4BD4-8F28-47A13DC9ABA9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{657A75C1-C307-4424-99FF-D73BE43C6864}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

11-11-2023 17:19:28 Instalační služba modulů systému Windows
12-11-2023 17:17:40 AdwCleaner_BeforeCleaning_12/11/2023_17:17:30
12-11-2023 17:55:59 Instalační služba modulů systému Windows
13-11-2023 06:46:25 Instalační služba modulů systému Windows
13-11-2023 06:50:32 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/13/2023 11:11:37 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na DATA (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/13/2023 11:10:19 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na OS (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/13/2023 07:56:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Media.Player.exe verze 11.2309.6.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3228

Čas spuštění: 01da15fe09c93800

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2309.6.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe

ID hlášení: c8fe7131-f6cd-4262-89d9-92f7c7a62994

Úplný název balíčku s chybou: Microsoft.ZuneMusic_11.2309.6.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneMusic

Typ zablokování: Quiesce

Error: (11/12/2023 05:52:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.3393, časové razítko: 0x03e952e9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x701481f0
ID chybujícího procesu: 0x1160
Čas spuštění chybující aplikace: 0x01da158890d48c70
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7d7b4f89-bccd-4056-b99a-0945b1620095
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/12/2023 05:51:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 2.0.0.2, časové razítko: 0x51bae339
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.3393, časové razítko: 0xfeef31d3
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff299
ID chybujícího procesu: 0x9d0
Čas spuštění chybující aplikace: 0x01da15878091202b
Cesta k chybující aplikaci: C:\Windows\system32\FBAgent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: cee768e3-0fea-4bbd-917c-beb1966a7f95
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/12/2023 05:01:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2913 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: b5c

Čas spuštění: 01da13ec9f89c5b6

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 05c2573b-e817-42ca-afea-0ea8ec147cb3

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/11/2023 04:51:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.2913 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 5d0

Čas spuštění: 01da13ed7c433aa0

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

ID hlášení: 042b79f0-af2c-46a5-8207-50b3966f6943

Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.9.19041_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: CortanaUI

Typ zablokování: Quiesce

Error: (11/10/2023 04:45:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 2.0.0.2, časové razítko: 0x51bae339
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2788, časové razítko: 0x2f715b17
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff449
ID chybujícího procesu: 0xa74
Čas spuštění chybující aplikace: 0x01da13ec7516e0c1
Cesta k chybující aplikaci: C:\Windows\system32\FBAgent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 331e8fc7-4b47-49f0-b896-9e5fc668c4a6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (11/13/2023 06:44:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/13/2023 05:01:56 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/13/2023 04:30:01 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/13/2023 04:25:55 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/13/2023 01:52:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/13/2023 09:23:20 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/13/2023 09:20:09 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/13/2023 09:08:33 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {F3B4E234-7A68-4E43-B813-E4BA55A065F6} se v daném časovém limitu neregistroval u služby DCOM.

Windows Defender:
================
Date: 2023-11-13 09:10:35
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4C88702F-751D-4C80-9326-424E250DC996}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-08-19 17:02:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A919B2D7-755B-4783-B411-F7B189612C28}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-16 06:24:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {006CAAA2-370D-413C-A00E-013D6FA35190}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-15 13:40:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3CE49C78-0311-4CDB-AD32-8194DD5BCB8E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-02 20:38:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {26C0EED4-7EA0-48E1-9F36-D755613D052A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-11-12 18:10:59
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.502.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-11-10 17:25:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1174.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-11-10 17:25:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1174.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-11-10 17:25:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1174.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-11-10 17:21:56
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1174.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X550CA.209 07/09/2013
Motherboard: ASUSTeK COMPUTER INC. X550CA
Processor: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
Percentage of memory in use: 62%
Total physical RAM: 3981.74 MB
Available physical RAM: 1511.65 MB
Total Virtual: 4847.77 MB
Available Virtual: 1781.22 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.53 GB) (Free:88.9 GB) (Model: HGST HTS545050A7E680) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:258.15 GB) (Free:201.85 GB) (Model: HGST HTS545050A7E680) NTFS

\\?\Volume{18e4c5e1-0d65-4b87-9fa8-2e9170dbfe6f}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.52 GB) NTFS
\\?\Volume{3cf77605-1d87-4254-bcd4-115899bdfb20}\ () (Fixed) (Total:0.78 GB) (Free:0.16 GB) NTFS
\\?\Volume{f3620292-a897-46ca-b0ab-ad3fa6c797ba}\ (Restore) (Fixed) (Total:20.01 GB) (Free:8.28 GB) NTFS
\\?\Volume{6cfa5ffd-0e06-4fdc-b7fb-128c2f484337}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 32FAA5A0)

Partition: GPT.

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 13 lis 2023 19:55

Otevřte poznámkový blok a zkopírujte do něj:

Start

ClooseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [TCP Query User{FD978CC3-9EED-4CA3-A90C-B0DD2A784958}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [UDP Query User{151534BA-9E9B-403A-BFB4-59BDA2E90AD5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [TCP Query User{E99C9FB4-82FA-4EF0-819B-B14E48516890}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [UDP Query User{69DAE441-724E-4575-AD61-BE181F15C2D5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B0980F8F-DBEC-46E3-A8CF-44464D6AE353} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (No File)
Task: {4E1DB559-968E-4495-9994-382103AB5C3E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {A9203B74-B608-4B38-B6C8-75F89C6BD4C6} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené\esetonlinescanner.exe LOGON (No File)
Task: {703EED6C-EF38-46E3-A248-5F4F99E2EE6B} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené\esetonlinescanner.exe SCHED (No File)
Task: {BF13221D-DAD5-4806-810D-EB1A88BE81DA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem121.0.6102.0{EE8A11A1-A247-4773-9E44-4E1658AEBA9A} => C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC) <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {0D048788-533F-4767-96F2-76A70B85E73A} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe /partnerid=adobe /productlist=nss /staging=false /delay=0 /launchedby=4 (No File)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

tvarohak · #9 Příspěvek od **tvarohak** » 15 lis 2023 17:22

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02
Ran by Jakub (15-11-2023 16:33:41) Run:2
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

ClooseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [TCP Query User{FD978CC3-9EED-4CA3-A90C-B0DD2A784958}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [UDP Query User{151534BA-9E9B-403A-BFB4-59BDA2E90AD5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [TCP Query User{E99C9FB4-82FA-4EF0-819B-B14E48516890}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
FirewallRules: [UDP Query User{69DAE441-724E-4575-AD61-BE181F15C2D5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Block) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {B0980F8F-DBEC-46E3-A8CF-44464D6AE353} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (No File)
Task: {4E1DB559-968E-4495-9994-382103AB5C3E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {A9203B74-B608-4B38-B6C8-75F89C6BD4C6} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené\esetonlinescanner.exe LOGON (No File)
Task: {703EED6C-EF38-46E3-A248-5F4F99E2EE6B} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené\esetonlinescanner.exe SCHED (No File)
Task: {BF13221D-DAD5-4806-810D-EB1A88BE81DA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem121.0.6102.0{EE8A11A1-A247-4773-9E44-4E1658AEBA9A} => C:\Program Files (x86)\Google\GoogleUpdater\121.0.6102.0\updater.exe [4304160 2023-11-02] (Google LLC -> Google LLC) <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {0D048788-533F-4767-96F2-76A70B85E73A} - System32\Tasks\Norton Product InstallerIdle => C:\Windows\SysWOW64\Adobe\Shockwave 12\SymInstallStub.exe /partnerid=adobe /productlist=nss /staging=false /delay=0 /launchedby=4 (No File)

EmptyTemp:
End
*****************

ClooseProcesses: => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FD978CC3-9EED-4CA3-A90C-B0DD2A784958}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{151534BA-9E9B-403A-BFB4-59BDA2E90AD5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E99C9FB4-82FA-4EF0-819B-B14E48516890}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{69DAE441-724E-4575-AD61-BE181F15C2D5}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B0980F8F-DBEC-46E3-A8CF-44464D6AE353} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0980F8F-DBEC-46E3-A8CF-44464D6AE353} => removed successfully
C:\WINDOWS\System32\Tasks\ASUS InstantOn Config => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS InstantOn Config => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4E1DB559-968E-4495-9994-382103AB5C3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E1DB559-968E-4495-9994-382103AB5C3E}" => removed successfully
C:\WINDOWS\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A9203B74-B608-4B38-B6C8-75F89C6BD4C6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9203B74-B608-4B38-B6C8-75F89C6BD4C6}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{703EED6C-EF38-46E3-A248-5F4F99E2EE6B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{703EED6C-EF38-46E3-A248-5F4F99E2EE6B}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF13221D-DAD5-4806-810D-EB1A88BE81DA}" => not found
"C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem121.0.6102.0{EE8A11A1-A247-4773-9E44-4E1658AEBA9A}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem121.0.6102.0{EE8A11A1-A247-4773-9E44-4E1658AEBA9A}" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57} => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D048788-533F-4767-96F2-76A70B85E73A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D048788-533F-4767-96F2-76A70B85E73A}" => removed successfully
C:\WINDOWS\System32\Tasks\Norton Product InstallerIdle => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Product InstallerIdle" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 91359640 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 654876920 B
Edge => 16384 B
Chrome => 265853915 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 697395547 B
Jakub => 857365901 B

RecycleBin => 2196555826 B
EmptyTemp: => 4.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 16:35:12 ====

#10 Příspěvek od **Rudy** » 15 lis 2023 17:45

Smazáno. Zrychlil se chod?

tvarohak · #11 Příspěvek od **tvarohak** » 18 lis 2023 17:28

Ano je to lepší, moc děkuju

#12 Příspěvek od **Rudy** » 18 lis 2023 17:46

Rádo se stalo!

VIRY.CZ

zasekaný notebook

zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook

Re: zasekaný notebook