Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Velmi pomalý NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Velmi pomalý NTB
Dobrý den,
prosím o kontrolu přiloženého logu. Děkuji
==================== Memory info ===========================
BIOS: Hewlett-Packard 68SCF Ver. F.08 08/26/2011
Motherboard: Hewlett-Packard 161C
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 91%
Total physical RAM: 4006.36 MB
Available physical RAM: 324.21 MB
Total Virtual: 8102.36 MB
Available Virtual: 4481.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.17 GB) (Free:178.39 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
\\?\Volume{ea556af6-7159-11e4-a176-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{b1d89fcc-0000-0000-0000-40d139000000}\ () (Fixed) (Total:0.8 GB) (Free:0.24 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B1D89FCC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=818 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by User (administrator) on USER-PC (Hewlett-Packard HP EliteBook 8460p) (23-04-2022 10:58:48)
Running from C:\Users\User\Desktop
Loaded Profiles: User & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\100.281.200\software_reporter_tool.exe <4>
(C:\Program Files (x86)\Google\Temp\GUM946F.tmp\GoogleUpdate.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(C:\Program Files (x86)\Google\Update\Install\{14747B01-6339-487C-8C2F-DE1B08D25B13}\GoogleUpdateSetup.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Temp\GUM946F.tmp\GoogleUpdate.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\MicrosoftEdge_X64_100.0.1185.50_100.0.1185.44.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\EDGEMITMP_392A1.tmp\setup.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\MicrosoftEdge_X64_100.0.1185.50_100.0.1185.44.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_16031778\instup.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\sbr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <42>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{14747B01-6339-487C-8C2F-DE1B08D25B13}\GoogleUpdateSetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(svchost.exe ->) (Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\avast software\overseer\overseer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2016-10-13] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2016-10-13] (Intel Corporation -> Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [sznAgent] => C:\Users\User\AppData\Roaming\Seznam Browser-be182612-c9e6-43cb-b5e9-52a10253f4ef\sznAgent\Seznam.cz.exe [168296 2021-12-08] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540400 2022-04-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us003 Langmon: C:\WINDOWS\system32\us003lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {0F2FF57F-9524-4996-BAA2-BAFD59D96419} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11C3783E-DE66-4E1B-8C7D-2D9DEE4CE1D1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752384 2021-02-25] (HP Inc. -> )
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {36A62E49-B705-4DE9-8BB2-D0D412E19468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4674752B-CE0B-4E65-8B87-CDD850C70B4F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A6E0CEF-EE0E-4442-A258-B8C71A07DCD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AF7F516-BE64-4FB7-A2A8-7279EFA515BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4CEBD837-CD6B-4066-8BED-3CE2210E461A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57D384A4-43A3-475B-AFEC-80FA025AEAE6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {58F12A66-94FD-47E1-8670-758B51B7A354} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65B383A9-BFC2-4994-AAA1-C87987D782B8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4992280 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {6FFCEEF5-2869-4261-A140-BA2CE1747629} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {70A91560-141E-49E3-9D22-E627395819B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {934CCB92-5324-494E-8B63-D264E0223497} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2296088 2022-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AA4D8F8A-DECD-42CD-90FA-B5515EB729BC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AB392A12-5D17-4BB0-841F-8F80FB7DF474} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (No File)
Task: {AB5FAAA0-6B29-41AE-8042-0BBE866D6E9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B0324F95-BCA2-42C0-A20E-7F0D9438119C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F0A3424C-E23C-4E12-AA08-F2A7EA8BD45A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {F3B3FADB-6DB6-40C5-9D8E-E82C81FF66EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9f21d08e-778b-48ff-a756-294c04d5aeb1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dca730cd-5246-456b-a0d0-7c37960977a8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ddc50129-4591-4e9e-922a-136507dcf748}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e38b3080-d786-4851-a737-1104c467905f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-23]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-04-23]
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://free-message.services; hxxps://message-alert.info; hxxps://pushpush.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-03-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2016-10-13] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8483920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [564504 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [563992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-25] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2016-10-13] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228928 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [370752 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269440 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546320 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855336 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [551920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 johci; C:\WINDOWS\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-20] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 11:06 - 2022-04-23 11:01 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asweeabb177b1e95a80.tmp
2022-04-23 11:06 - 2022-04-23 11:00 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-23 10:58 - 2022-04-23 11:07 - 000029071 _____ C:\Users\User\Desktop\FRST.txt
2022-04-23 10:55 - 2022-04-23 11:01 - 000000000 ____D C:\FRST
2022-04-23 10:47 - 2022-04-23 10:52 - 002366976 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-04-17 09:24 - 2022-04-17 09:24 - 000171928 _____ C:\Users\User\Documents\cc_20220417_092406.reg
2022-04-15 20:51 - 2022-04-15 20:51 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 20:50 - 2022-04-15 20:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 20:49 - 2022-04-15 20:49 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 20:47 - 2022-04-15 20:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-15 19:29 - 2022-04-15 19:29 - 000000000 ___HD C:\$WinREAgent
2022-04-13 20:54 - 2022-04-13 20:54 - 001154736 _____ (Avast Software) C:\Users\User\Downloads\avast_cleanup_online_setup.exe
2022-04-09 16:08 - 2022-04-09 16:10 - 066988883 _____ C:\Users\User\Downloads\zasilka-XCR3G7Z3WUG5RSJT.zip
2022-04-08 21:20 - 2022-04-08 21:20 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-04-08 21:16 - 2022-04-08 21:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-04-08 21:14 - 2022-04-08 21:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-04-08 21:12 - 2022-04-08 21:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-04-08 21:11 - 2022-04-08 21:11 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-04-04 08:08 - 2022-04-04 08:08 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-04-03 17:05 - 2022-04-03 17:04 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-23 11:17 - 2020-08-06 12:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-23 11:17 - 2020-08-06 12:56 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-23 11:15 - 2021-12-11 17:54 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 15:12 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 14:40 - 000002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-23 11:08 - 2020-07-29 15:12 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-23 11:08 - 2017-12-10 14:42 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-23 11:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-23 11:05 - 2016-02-07 14:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-23 11:01 - 2020-10-26 13:14 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-23 11:01 - 2020-04-21 11:53 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-23 10:49 - 2017-02-13 15:41 - 000000000 ____D C:\Program Files\CCleaner
2022-04-23 10:48 - 2017-04-25 19:02 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-04-23 10:41 - 2020-07-29 14:59 - 001874804 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-23 10:41 - 2019-12-07 16:43 - 000782820 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-23 10:41 - 2019-12-07 16:43 - 000172518 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-23 10:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-23 10:33 - 2020-07-29 15:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-23 10:33 - 2020-07-29 14:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-23 10:33 - 2020-07-29 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-17 09:40 - 2017-10-10 22:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-04-17 09:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-17 09:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-17 09:22 - 2020-07-29 15:12 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C6EB98C-803D-4DAD-BC91-0B73F657AFD3}
2022-04-17 09:18 - 2020-03-09 16:52 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-04-16 11:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-15 21:43 - 2020-07-29 14:33 - 000289736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 21:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 21:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 07:43 - 2017-12-11 14:55 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-04-13 20:25 - 2015-09-03 11:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 20:21 - 2015-09-03 11:24 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-12 18:46 - 2020-07-29 15:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-12 18:37 - 2016-02-07 14:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-12 18:37 - 2016-02-07 14:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-10 08:38 - 2021-01-24 17:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-08 23:00 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-08 22:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-04-08 21:11 - 2020-07-29 14:38 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-07 08:32 - 2020-08-06 12:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 08:32 - 2020-08-06 12:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-03 17:04 - 2020-10-26 13:14 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
2022-04-03 17:04 - 2020-04-21 11:53 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
==================== Files in the root of some directories ========
2020-10-16 09:15 - 2020-11-27 10:28 - 000001540 _____ () C:\Users\User\AppData\Roaming\debug.log
2016-07-26 13:29 - 2016-07-26 13:29 - 000000000 _____ () C:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
2016-07-27 18:20 - 2016-07-27 18:20 - 000000000 _____ () C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
prosím o kontrolu přiloženého logu. Děkuji
==================== Memory info ===========================
BIOS: Hewlett-Packard 68SCF Ver. F.08 08/26/2011
Motherboard: Hewlett-Packard 161C
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 91%
Total physical RAM: 4006.36 MB
Available physical RAM: 324.21 MB
Total Virtual: 8102.36 MB
Available Virtual: 4481.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.17 GB) (Free:178.39 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
\\?\Volume{ea556af6-7159-11e4-a176-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{b1d89fcc-0000-0000-0000-40d139000000}\ () (Fixed) (Total:0.8 GB) (Free:0.24 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B1D89FCC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=818 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by User (administrator) on USER-PC (Hewlett-Packard HP EliteBook 8460p) (23-04-2022 10:58:48)
Running from C:\Users\User\Desktop
Loaded Profiles: User & DefaultAppPool
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google) C:\Users\User\AppData\Local\Google\Chrome\User Data\SwReporter\100.281.200\software_reporter_tool.exe <4>
(C:\Program Files (x86)\Google\Temp\GUM946F.tmp\GoogleUpdate.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(C:\Program Files (x86)\Google\Update\Install\{14747B01-6339-487C-8C2F-DE1B08D25B13}\GoogleUpdateSetup.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Temp\GUM946F.tmp\GoogleUpdate.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\MicrosoftEdge_X64_100.0.1185.50_100.0.1185.44.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\EDGEMITMP_392A1.tmp\setup.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{ACA5779F-911E-4CA6-B98E-23C44EA563E8}\MicrosoftEdge_X64_100.0.1185.50_100.0.1185.44.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_16031778\instup.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\sbr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <42>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{14747B01-6339-487C-8C2F-DE1B08D25B13}\GoogleUpdateSetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(svchost.exe ->) (Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\avast software\overseer\overseer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2016-10-13] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2016-10-13] (Intel Corporation -> Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [sznAgent] => C:\Users\User\AppData\Roaming\Seznam Browser-be182612-c9e6-43cb-b5e9-52a10253f4ef\sznAgent\Seznam.cz.exe [168296 2021-12-08] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540400 2022-04-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us003 Langmon: C:\WINDOWS\system32\us003lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {0F2FF57F-9524-4996-BAA2-BAFD59D96419} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11C3783E-DE66-4E1B-8C7D-2D9DEE4CE1D1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752384 2021-02-25] (HP Inc. -> )
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {36A62E49-B705-4DE9-8BB2-D0D412E19468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4674752B-CE0B-4E65-8B87-CDD850C70B4F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A6E0CEF-EE0E-4442-A258-B8C71A07DCD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AF7F516-BE64-4FB7-A2A8-7279EFA515BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4CEBD837-CD6B-4066-8BED-3CE2210E461A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57D384A4-43A3-475B-AFEC-80FA025AEAE6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {58F12A66-94FD-47E1-8670-758B51B7A354} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65B383A9-BFC2-4994-AAA1-C87987D782B8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4992280 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {6FFCEEF5-2869-4261-A140-BA2CE1747629} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {70A91560-141E-49E3-9D22-E627395819B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {934CCB92-5324-494E-8B63-D264E0223497} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2296088 2022-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AA4D8F8A-DECD-42CD-90FA-B5515EB729BC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AB392A12-5D17-4BB0-841F-8F80FB7DF474} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (No File)
Task: {AB5FAAA0-6B29-41AE-8042-0BBE866D6E9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B0324F95-BCA2-42C0-A20E-7F0D9438119C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F0A3424C-E23C-4E12-AA08-F2A7EA8BD45A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {F3B3FADB-6DB6-40C5-9D8E-E82C81FF66EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9f21d08e-778b-48ff-a756-294c04d5aeb1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dca730cd-5246-456b-a0d0-7c37960977a8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ddc50129-4591-4e9e-922a-136507dcf748}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e38b3080-d786-4851-a737-1104c467905f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-23]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-04-23]
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://free-message.services; hxxps://message-alert.info; hxxps://pushpush.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-03-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2016-10-13] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8483920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [564504 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [563992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-25] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2016-10-13] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228928 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [370752 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269440 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546320 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855336 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [551920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 johci; C:\WINDOWS\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-20] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 11:06 - 2022-04-23 11:01 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asweeabb177b1e95a80.tmp
2022-04-23 11:06 - 2022-04-23 11:00 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-23 10:58 - 2022-04-23 11:07 - 000029071 _____ C:\Users\User\Desktop\FRST.txt
2022-04-23 10:55 - 2022-04-23 11:01 - 000000000 ____D C:\FRST
2022-04-23 10:47 - 2022-04-23 10:52 - 002366976 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-04-17 09:24 - 2022-04-17 09:24 - 000171928 _____ C:\Users\User\Documents\cc_20220417_092406.reg
2022-04-15 20:51 - 2022-04-15 20:51 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 20:50 - 2022-04-15 20:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 20:49 - 2022-04-15 20:49 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 20:47 - 2022-04-15 20:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-15 19:29 - 2022-04-15 19:29 - 000000000 ___HD C:\$WinREAgent
2022-04-13 20:54 - 2022-04-13 20:54 - 001154736 _____ (Avast Software) C:\Users\User\Downloads\avast_cleanup_online_setup.exe
2022-04-09 16:08 - 2022-04-09 16:10 - 066988883 _____ C:\Users\User\Downloads\zasilka-XCR3G7Z3WUG5RSJT.zip
2022-04-08 21:20 - 2022-04-08 21:20 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-04-08 21:16 - 2022-04-08 21:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-04-08 21:14 - 2022-04-08 21:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-04-08 21:12 - 2022-04-08 21:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-04-08 21:11 - 2022-04-08 21:11 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-04-04 08:08 - 2022-04-04 08:08 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-04-03 17:05 - 2022-04-03 17:04 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-23 11:17 - 2020-08-06 12:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-23 11:17 - 2020-08-06 12:56 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-23 11:15 - 2021-12-11 17:54 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 15:12 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 14:40 - 000002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-23 11:08 - 2020-07-29 15:12 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-23 11:08 - 2017-12-10 14:42 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-23 11:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-23 11:05 - 2016-02-07 14:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-23 11:01 - 2020-10-26 13:14 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-23 11:01 - 2020-04-21 11:53 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-23 10:49 - 2017-02-13 15:41 - 000000000 ____D C:\Program Files\CCleaner
2022-04-23 10:48 - 2017-04-25 19:02 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-04-23 10:41 - 2020-07-29 14:59 - 001874804 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-23 10:41 - 2019-12-07 16:43 - 000782820 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-23 10:41 - 2019-12-07 16:43 - 000172518 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-23 10:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-23 10:33 - 2020-07-29 15:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-23 10:33 - 2020-07-29 14:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-23 10:33 - 2020-07-29 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-17 09:40 - 2017-10-10 22:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-04-17 09:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-17 09:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-17 09:22 - 2020-07-29 15:12 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C6EB98C-803D-4DAD-BC91-0B73F657AFD3}
2022-04-17 09:18 - 2020-03-09 16:52 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-04-16 11:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-15 21:43 - 2020-07-29 14:33 - 000289736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 21:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 21:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 07:43 - 2017-12-11 14:55 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-04-13 20:25 - 2015-09-03 11:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 20:21 - 2015-09-03 11:24 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-12 18:46 - 2020-07-29 15:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-12 18:37 - 2016-02-07 14:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-12 18:37 - 2016-02-07 14:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-10 08:38 - 2021-01-24 17:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-08 23:00 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-08 22:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-04-08 21:11 - 2020-07-29 14:38 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-07 08:32 - 2020-08-06 12:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 08:32 - 2020-08-06 12:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-03 17:04 - 2020-10-26 13:14 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
2022-04-03 17:04 - 2020-04-21 11:53 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
==================== Files in the root of some directories ========
2020-10-16 09:15 - 2020-11-27 10:28 - 000001540 _____ () C:\Users\User\AppData\Roaming\debug.log
2016-07-26 13:29 - 2016-07-26 13:29 - 000000000 _____ () C:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
2016-07-27 18:20 - 2016-07-27 18:20 - 000000000 _____ () C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velmi pomalý NTB
Zdravím!
Log Addition není kompletní.
Log Addition není kompletní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velmi pomalý NTB
Tak druhý pokus
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by User (23-04-2022 14:20:14)
Running from C:\Users\User\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) (2020-07-29 13:14:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2312916346-564570717-1298912178-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2312916346-564570717-1298912178-503 - Limited - Disabled)
Guest (S-1-5-21-2312916346-564570717-1298912178-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2312916346-564570717-1298912178-1002 - Limited - Enabled)
User (S-1-5-21-2312916346-564570717-1298912178-1000 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2312916346-564570717-1298912178-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84238}) (Version: 1.7.38.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.38.0 - Alcor Micro Corp.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{7a06df8f-4c5a-4207-aa9e-019406e3a46d}) (Version: 17.1.0 - Intel Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.3.6008 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{7D37E9C6-0366-499E-BF14-AA0C8047559B}) (Version: 4.0.80.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.2 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Seznam Browser) (Version: 6.19.0 - Seznam.cz a.s.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.59 (13.4.2021) - HP Development Company, L.P.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.7.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.5.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.29 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.1 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-04-08] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-07-13] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-20] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-03-09] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-07-25 17:23 - 2016-03-24 05:56 - 002817536 _____ () [File not signed] C:\WINDOWS\system32\DlgSearchEngine.dll
2018-06-14 10:44 - 2018-06-14 10:44 - 000087552 _____ () [File not signed] C:\WINDOWS\system32\SSDEVM64.DLL
2016-10-13 11:32 - 2016-10-13 11:31 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-10-13 11:32 - 2016-10-13 11:31 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Bezdrátové připojení k síti: Protokol Intel® Centrino® Wireless Bluetooth® + High Speed -> amppalp (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeARMservice => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "QLBController"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\StartupApproved\Run: => "sznAgent"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1F03CF55-0242-4389-A723-F701D0B92EF8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [File not signed]
FirewallRules: [{2FD07A77-ECA8-407D-9B05-F6BC00695683}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [File not signed]
FirewallRules: [UDP Query User{E4F0A766-1FE3-43A0-874F-EC0B9EBA422D}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Block) C:\program files (x86)\samsung\easy document creator\edc.exe () [File not signed]
FirewallRules: [TCP Query User{8A4ACE17-E417-4068-A59D-941F644965F7}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Block) C:\program files (x86)\samsung\easy document creator\edc.exe () [File not signed]
FirewallRules: [{D1D7CE2A-3B3F-49DB-BACA-FCAF942D81DA}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software) [File not signed]
FirewallRules: [{7E4882F3-8269-4593-A39D-6212D5936FC9}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0E04E0B4-9CEE-40E8-A118-D825B8A78A86}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2FD1FDD3-FBAD-4F93-BB18-351A0BFDA749}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{4C9ACC8B-545B-46AC-BACE-B8E74A6B8912}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{B62046E8-09F5-4ABC-86FD-928EF589611E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7336E6E6-ABCD-4F9C-A531-DB6A488377A1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{995C4705-DCD5-4CE1-8C90-C07962B03019}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{72C4A494-7A38-4740-B83A-55363E1F82A9}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{91326404-2801-42CF-94CE-C4867B6CEB4A}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F4AFA112-1526-48ED-92A0-E759883AE6E4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{ECD61BC1-0B53-416E-BF54-DA40A6A82014}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{C711B1CF-C604-4D69-BBC0-04C941DCDFC0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4A36321A-9482-4284-8648-B54FDC0959F3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{733A95A1-7E0C-42BD-9437-09A0671B072A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A7467B3-7086-4049-B9FD-42715D308416}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{87B9E64B-14F5-4D01-854C-AC69B9DA660F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C2BE0F-BA6A-48FD-965D-4A42BFAAE200}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{42816947-43DE-4E1B-A8FB-3DB849D965E4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{1E2B2AEA-7D5D-4C04-9244-5EF6D196D062}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7DDEEF25-B81E-48AD-A714-7A72F7F33E72}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7FB66747-ACF1-46B8-B383-D01D9FEF2630}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7B61E014-FA4B-42CB-94D3-91E88AD4CBC1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7F429F55-6A5E-4E16-8FC6-78B72E0A8E88}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8D8EE581-5162-4C56-A0F1-C89068CEF9D2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BFBB018E-1347-4A0C-827F-3079A5AD15BD}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{26A7B0F3-A46B-410B-A005-7041E16686C2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1503D741-E655-4E06-BD66-D83F7B132ACD}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{68E26EDD-8731-4C98-B9EB-93695E7AC7E8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{03E689F9-E8E5-4712-A45D-4A2D525413AA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2BA9A16C-46EB-4422-BCAB-2D942A9ACB05}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0BC9E5BB-A283-4C64-B19D-237308EB685D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E3B7479B-B547-480C-840D-0153EBBD864A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0DB68751-630C-4D7E-8E80-B93234DDED58}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A7590DA8-48A7-4246-8C79-65A6D948D2C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3550869-B2ED-4D1B-BB26-3699D8CFBD90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F52B472D-F7A3-4358-BD19-6295CE9259BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55893C2F-723E-4A36-B194-A6AA0DDF9965}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8815FED-A3BE-4080-B01D-AF146AF2E780}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7A18F4B2-F4CD-414B-88E3-9573DAB51052}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A691414-979B-4B28-813B-A1E7CBA39BFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/23/2022 02:12:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 02:06:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 01:37:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 01:32:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 12:01:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 10:47:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Název chybujícího modulu: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000010476
ID chybujícího procesu: 0x1474
Čas spuštění chybující aplikace: 0x01d856ee643c7370
Cesta k chybující aplikaci: C:\Program Files\IDT\WDM\sttray64.exe
Cesta k chybujícímu modulu: C:\Program Files\IDT\WDM\sttray64.exe
ID zprávy: 5a3f995f-790d-4199-b793-e2cff4054052
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/23/2022 10:45:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.722.3302.0, časové razítko: 0x62447170
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1645, časové razítko: 0x630193b4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x1970
Čas spuštění chybující aplikace: 0x01d856ee53df324b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8b52312f-451d-441e-b011-f0d9aa50db16
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (04/23/2022 10:45:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Název chybujícího modulu: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000010476
ID chybujícího procesu: 0x1474
Čas spuštění chybující aplikace: 0x01d856ee643c7370
Cesta k chybující aplikaci: C:\Program Files\IDT\WDM\sttray64.exe
Cesta k chybujícímu modulu: C:\Program Files\IDT\WDM\sttray64.exe
ID zprávy: 81d5c38b-4ef9-4d10-91e1-d5acc30872c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (04/23/2022 11:31:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Správce instalace zařízení neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/23/2022 11:31:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Správce instalace zařízení bylo dosaženo časového limitu (30000 ms).
Error: (04/23/2022 10:39:05 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (04/23/2022 10:35:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Software Framework Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/23/2022 10:35:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Software Framework Service bylo dosaženo časového limitu (45000 ms).
Error: (04/23/2022 10:34:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NcbService byla ukončena s následující chybou:
Zařízení připojené k systému nefunguje.
Error: (04/23/2022 10:33:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:39:31, 17.04.2022) bylo neočekávané.
Error: (04/17/2022 09:37:49 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.
CodeIntegrity:
===============
Date: 2022-04-23 11:07:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-04-23 10:46:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\setup\uat_3016.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-23 10:39:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard 68SCF Ver. F.08 08/26/2011
Motherboard: Hewlett-Packard 161C
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 83%
Total physical RAM: 4006.36 MB
Available physical RAM: 652.52 MB
Total Virtual: 8102.36 MB
Available Virtual: 2724.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.17 GB) (Free:184.96 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
\\?\Volume{ea556af6-7159-11e4-a176-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{b1d89fcc-0000-0000-0000-40d139000000}\ () (Fixed) (Total:0.8 GB) (Free:0.24 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B1D89FCC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=818 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by User (administrator) on USER-PC (Hewlett-Packard HP EliteBook 8460p) (23-04-2022 14:15:21)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2016-10-13] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2016-10-13] (Intel Corporation -> Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [sznAgent] => C:\Users\User\AppData\Roaming\Seznam Browser-be182612-c9e6-43cb-b5e9-52a10253f4ef\sznAgent\Seznam.cz.exe [168296 2021-12-08] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\RunOnce: [Uninstall 22.055.0313.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\22.055.0313.0001"
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us003 Langmon: C:\WINDOWS\system32\us003lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {0F2FF57F-9524-4996-BAA2-BAFD59D96419} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11C3783E-DE66-4E1B-8C7D-2D9DEE4CE1D1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752384 2021-02-25] (HP Inc. -> )
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {36A62E49-B705-4DE9-8BB2-D0D412E19468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4674752B-CE0B-4E65-8B87-CDD850C70B4F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A6E0CEF-EE0E-4442-A258-B8C71A07DCD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AF7F516-BE64-4FB7-A2A8-7279EFA515BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4CEBD837-CD6B-4066-8BED-3CE2210E461A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57D384A4-43A3-475B-AFEC-80FA025AEAE6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {58F12A66-94FD-47E1-8670-758B51B7A354} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {6FFCEEF5-2869-4261-A140-BA2CE1747629} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {70A91560-141E-49E3-9D22-E627395819B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {934CCB92-5324-494E-8B63-D264E0223497} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2296088 2022-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AA4D8F8A-DECD-42CD-90FA-B5515EB729BC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AB392A12-5D17-4BB0-841F-8F80FB7DF474} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (No File)
Task: {AB5FAAA0-6B29-41AE-8042-0BBE866D6E9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B0324F95-BCA2-42C0-A20E-7F0D9438119C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B2104D91-9840-448E-9D33-AC0115D6A514} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4992792 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F0A3424C-E23C-4E12-AA08-F2A7EA8BD45A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {F3B3FADB-6DB6-40C5-9D8E-E82C81FF66EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9f21d08e-778b-48ff-a756-294c04d5aeb1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dca730cd-5246-456b-a0d0-7c37960977a8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ddc50129-4591-4e9e-922a-136507dcf748}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e38b3080-d786-4851-a737-1104c467905f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-23]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-04-23]
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://free-message.services; hxxps://message-alert.info; hxxps://pushpush.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-03-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2016-10-13] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8483920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [564504 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [563992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-25] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2016-10-13] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36768 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228912 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [378944 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252984 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100408 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42400 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269448 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546296 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83968 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855320 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [556088 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [320904 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 johci; C:\WINDOWS\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-20] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 11:06 - 2022-04-23 11:01 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asweeabb177b1e95a80.tmp
2022-04-23 11:06 - 2022-04-23 11:00 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-23 10:58 - 2022-04-23 14:17 - 000026587 _____ C:\Users\User\Desktop\FRST.txt
2022-04-23 10:55 - 2022-04-23 14:16 - 000000000 ____D C:\FRST
2022-04-23 10:47 - 2022-04-23 10:52 - 002366976 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-04-17 09:24 - 2022-04-17 09:24 - 000171928 _____ C:\Users\User\Documents\cc_20220417_092406.reg
2022-04-15 20:51 - 2022-04-15 20:51 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 20:50 - 2022-04-15 20:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 20:49 - 2022-04-15 20:49 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 20:47 - 2022-04-15 20:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-15 19:29 - 2022-04-15 19:29 - 000000000 ___HD C:\$WinREAgent
2022-04-13 20:54 - 2022-04-13 20:54 - 001154736 _____ (Avast Software) C:\Users\User\Downloads\avast_cleanup_online_setup.exe
2022-04-09 16:08 - 2022-04-09 16:10 - 066988883 _____ C:\Users\User\Downloads\zasilka-XCR3G7Z3WUG5RSJT.zip
2022-04-08 21:20 - 2022-04-08 21:20 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-04-08 21:16 - 2022-04-08 21:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-04-08 21:14 - 2022-04-08 21:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-04-08 21:12 - 2022-04-08 21:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-04-08 21:11 - 2022-04-08 21:11 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-04-04 08:08 - 2022-04-04 08:08 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-04-03 17:05 - 2022-04-03 17:04 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 14:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-23 14:02 - 2020-07-29 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-23 13:29 - 2016-02-07 14:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-23 12:47 - 2016-02-07 14:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-23 12:47 - 2016-02-07 14:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-23 12:09 - 2020-07-29 14:59 - 001874804 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-23 12:09 - 2019-12-07 16:43 - 000782820 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-23 12:09 - 2019-12-07 16:43 - 000172518 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-23 12:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-23 12:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-23 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-23 11:26 - 2020-07-29 15:12 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C6EB98C-803D-4DAD-BC91-0B73F657AFD3}
2022-04-23 11:24 - 2020-07-29 15:12 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-23 11:24 - 2020-07-29 15:12 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-23 11:17 - 2020-08-06 12:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-23 11:17 - 2020-08-06 12:56 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-23 11:15 - 2021-12-11 17:54 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 15:12 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 14:40 - 000002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-23 11:08 - 2020-07-29 15:12 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-23 11:08 - 2017-12-10 14:42 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-23 11:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-23 11:01 - 2020-10-26 13:14 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-23 11:01 - 2020-04-21 11:53 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-23 10:49 - 2017-02-13 15:41 - 000000000 ____D C:\Program Files\CCleaner
2022-04-23 10:48 - 2017-04-25 19:02 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-04-23 10:33 - 2020-07-29 15:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-23 10:33 - 2020-07-29 14:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-17 09:40 - 2017-10-10 22:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-04-17 09:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-17 09:18 - 2020-03-09 16:52 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-04-15 21:43 - 2020-07-29 14:33 - 000289736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 21:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 21:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 07:43 - 2017-12-11 14:55 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-04-13 20:25 - 2015-09-03 11:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 20:21 - 2015-09-03 11:24 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-12 18:46 - 2020-07-29 15:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-10 08:38 - 2021-01-24 17:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-08 23:00 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-08 22:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-04-08 21:11 - 2020-07-29 14:38 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-07 08:32 - 2020-08-06 12:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 08:32 - 2020-08-06 12:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-03 17:04 - 2020-10-26 13:14 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
2022-04-03 17:04 - 2020-04-21 11:53 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
==================== Files in the root of some directories ========
2020-10-16 09:15 - 2020-11-27 10:28 - 000001540 _____ () C:\Users\User\AppData\Roaming\debug.log
2016-07-26 13:29 - 2016-07-26 13:29 - 000000000 _____ () C:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
2016-07-27 18:20 - 2016-07-27 18:20 - 000000000 _____ () C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by User (23-04-2022 14:20:14)
Running from C:\Users\User\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) (2020-07-29 13:14:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2312916346-564570717-1298912178-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2312916346-564570717-1298912178-503 - Limited - Disabled)
Guest (S-1-5-21-2312916346-564570717-1298912178-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2312916346-564570717-1298912178-1002 - Limited - Enabled)
User (S-1-5-21-2312916346-564570717-1298912178-1000 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2312916346-564570717-1298912178-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3BB84238}) (Version: 1.7.38.0 - Alcor Micro Corp.) Hidden
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.38.0 - Alcor Micro Corp.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{7a06df8f-4c5a-4207-aa9e-019406e3a46d}) (Version: 17.1.0 - Intel Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.3.6008 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.92 - Piriform)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.127 - Google LLC)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{3F728815-C7E8-40EA-8D1A-F7B8E2382325}) (Version: 3.4.10.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{7D37E9C6-0366-499E-BF14-AA0C8047559B}) (Version: 4.0.80.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.2 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Prohlížeč Seznam.cz (HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Seznam Browser) (Version: 6.19.0 - Seznam.cz a.s.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.59 (13.4.2021) - HP Development Company, L.P.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21.7.2017) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.18 (31.5.2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.29 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.19.0 - Samsung Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.1 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-04-08] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-05-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Studios) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2017-07-13] (Samsung Electronics Co. Ltd.)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-20] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-03-09] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-04-03] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-07-25 17:23 - 2016-03-24 05:56 - 002817536 _____ () [File not signed] C:\WINDOWS\system32\DlgSearchEngine.dll
2018-06-14 10:44 - 2018-06-14 10:44 - 000087552 _____ () [File not signed] C:\WINDOWS\system32\SSDEVM64.DLL
2016-10-13 11:32 - 2016-10-13 11:31 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-10-13 11:32 - 2016-10-13 11:31 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Bezdrátové připojení k síti: Protokol Intel® Centrino® Wireless Bluetooth® + High Speed -> amppalp (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeARMservice => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "QLBController"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\StartupApproved\Run: => "sznAgent"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{1F03CF55-0242-4389-A723-F701D0B92EF8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [File not signed]
FirewallRules: [{2FD07A77-ECA8-407D-9B05-F6BC00695683}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [File not signed]
FirewallRules: [UDP Query User{E4F0A766-1FE3-43A0-874F-EC0B9EBA422D}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Block) C:\program files (x86)\samsung\easy document creator\edc.exe () [File not signed]
FirewallRules: [TCP Query User{8A4ACE17-E417-4068-A59D-941F644965F7}C:\program files (x86)\samsung\easy document creator\edc.exe] => (Block) C:\program files (x86)\samsung\easy document creator\edc.exe () [File not signed]
FirewallRules: [{D1D7CE2A-3B3F-49DB-BACA-FCAF942D81DA}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software) [File not signed]
FirewallRules: [{7E4882F3-8269-4593-A39D-6212D5936FC9}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0E04E0B4-9CEE-40E8-A118-D825B8A78A86}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2FD1FDD3-FBAD-4F93-BB18-351A0BFDA749}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{4C9ACC8B-545B-46AC-BACE-B8E74A6B8912}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [File not signed]
FirewallRules: [{B62046E8-09F5-4ABC-86FD-928EF589611E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{7336E6E6-ABCD-4F9C-A531-DB6A488377A1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{995C4705-DCD5-4CE1-8C90-C07962B03019}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{72C4A494-7A38-4740-B83A-55363E1F82A9}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{91326404-2801-42CF-94CE-C4867B6CEB4A}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{F4AFA112-1526-48ED-92A0-E759883AE6E4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{ECD61BC1-0B53-416E-BF54-DA40A6A82014}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{C711B1CF-C604-4D69-BBC0-04C941DCDFC0}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4A36321A-9482-4284-8648-B54FDC0959F3}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{733A95A1-7E0C-42BD-9437-09A0671B072A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A7467B3-7086-4049-B9FD-42715D308416}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{87B9E64B-14F5-4D01-854C-AC69B9DA660F}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C8C2BE0F-BA6A-48FD-965D-4A42BFAAE200}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{42816947-43DE-4E1B-A8FB-3DB849D965E4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{1E2B2AEA-7D5D-4C04-9244-5EF6D196D062}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7DDEEF25-B81E-48AD-A714-7A72F7F33E72}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7FB66747-ACF1-46B8-B383-D01D9FEF2630}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{7B61E014-FA4B-42CB-94D3-91E88AD4CBC1}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{7F429F55-6A5E-4E16-8FC6-78B72E0A8E88}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{8D8EE581-5162-4C56-A0F1-C89068CEF9D2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BFBB018E-1347-4A0C-827F-3079A5AD15BD}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{26A7B0F3-A46B-410B-A005-7041E16686C2}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1503D741-E655-4E06-BD66-D83F7B132ACD}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{68E26EDD-8731-4C98-B9EB-93695E7AC7E8}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{03E689F9-E8E5-4712-A45D-4A2D525413AA}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2BA9A16C-46EB-4422-BCAB-2D942A9ACB05}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0BC9E5BB-A283-4C64-B19D-237308EB685D}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E3B7479B-B547-480C-840D-0153EBBD864A}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0DB68751-630C-4D7E-8E80-B93234DDED58}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A7590DA8-48A7-4246-8C79-65A6D948D2C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3550869-B2ED-4D1B-BB26-3699D8CFBD90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F52B472D-F7A3-4358-BD19-6295CE9259BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55893C2F-723E-4A36-B194-A6AA0DDF9965}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D8815FED-A3BE-4080-B01D-AF146AF2E780}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7A18F4B2-F4CD-414B-88E3-9573DAB51052}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9A691414-979B-4B28-813B-A1E7CBA39BFB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/23/2022 02:12:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 02:06:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 01:37:11 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 01:32:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 12:01:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/23/2022 10:47:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Název chybujícího modulu: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Kód výjimky: 0xc000041d
Posun chyby: 0x0000000000010476
ID chybujícího procesu: 0x1474
Čas spuštění chybující aplikace: 0x01d856ee643c7370
Cesta k chybující aplikaci: C:\Program Files\IDT\WDM\sttray64.exe
Cesta k chybujícímu modulu: C:\Program Files\IDT\WDM\sttray64.exe
ID zprávy: 5a3f995f-790d-4199-b793-e2cff4054052
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/23/2022 10:45:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.722.3302.0, časové razítko: 0x62447170
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1645, časové razítko: 0x630193b4
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x1970
Čas spuštění chybující aplikace: 0x01d856ee53df324b
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8b52312f-451d-441e-b011-f0d9aa50db16
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.722.3302.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (04/23/2022 10:45:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Název chybujícího modulu: sttray64.exe, verze: 1.0.6433.0, časové razítko: 0x5088bc13
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000010476
ID chybujícího procesu: 0x1474
Čas spuštění chybující aplikace: 0x01d856ee643c7370
Cesta k chybující aplikaci: C:\Program Files\IDT\WDM\sttray64.exe
Cesta k chybujícímu modulu: C:\Program Files\IDT\WDM\sttray64.exe
ID zprávy: 81d5c38b-4ef9-4d10-91e1-d5acc30872c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (04/23/2022 11:31:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Správce instalace zařízení neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/23/2022 11:31:45 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Správce instalace zařízení bylo dosaženo časového limitu (30000 ms).
Error: (04/23/2022 10:39:05 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (04/23/2022 10:35:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Software Framework Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/23/2022 10:35:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Software Framework Service bylo dosaženo časového limitu (45000 ms).
Error: (04/23/2022 10:34:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NcbService byla ukončena s následující chybou:
Zařízení připojené k systému nefunguje.
Error: (04/23/2022 10:33:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:39:31, 17.04.2022) bylo neočekávané.
Error: (04/17/2022 09:37:49 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.
CodeIntegrity:
===============
Date: 2022-04-23 11:07:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-04-23 10:46:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\setup\uat_3016.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-23 10:39:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard 68SCF Ver. F.08 08/26/2011
Motherboard: Hewlett-Packard 161C
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 83%
Total physical RAM: 4006.36 MB
Available physical RAM: 652.52 MB
Total Virtual: 8102.36 MB
Available Virtual: 2724.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.17 GB) (Free:184.96 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS
\\?\Volume{ea556af6-7159-11e4-a176-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{b1d89fcc-0000-0000-0000-40d139000000}\ () (Fixed) (Total:0.8 GB) (Free:0.24 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: B1D89FCC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=818 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by User (administrator) on USER-PC (Hewlett-Packard HP EliteBook 8460p) (23-04-2022 14:15:21)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1645 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics Corporation) [File not signed] C:\Program Files\IDT\WDM\AESTSr64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (HP Inc. -> ) C:\Windows\SysWOW64\spdsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2016-10-13] (IDT, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2016-10-13] (Intel Corporation -> Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [sznAgent] => C:\Users\User\AppData\Roaming\Seznam Browser-be182612-c9e6-43cb-b5e9-52a10253f4ef\sznAgent\Seznam.cz.exe [168296 2021-12-08] (Seznam.cz, a.s. -> Seznam.cz)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36705520 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2312916346-564570717-1298912178-1000\...\RunOnce: [Uninstall 22.055.0313.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\User\AppData\Local\Microsoft\OneDrive\22.055.0313.0001"
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [597792 2013-09-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\ssm4m Langmon: C:\WINDOWS\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us003 Langmon: C:\WINDOWS\system32\us003lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-23] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {0F2FF57F-9524-4996-BAA2-BAFD59D96419} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [30836464 2022-04-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {11C3783E-DE66-4E1B-8C7D-2D9DEE4CE1D1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752384 2021-02-25] (HP Inc. -> )
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {36A62E49-B705-4DE9-8BB2-D0D412E19468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4674752B-CE0B-4E65-8B87-CDD850C70B4F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A6E0CEF-EE0E-4442-A258-B8C71A07DCD9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AF7F516-BE64-4FB7-A2A8-7279EFA515BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4CEBD837-CD6B-4066-8BED-3CE2210E461A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpCmdRun.exe [473544 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {57D384A4-43A3-475B-AFEC-80FA025AEAE6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {58F12A66-94FD-47E1-8670-758B51B7A354} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {6FFCEEF5-2869-4261-A140-BA2CE1747629} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {70A91560-141E-49E3-9D22-E627395819B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-07] (Google Inc -> Google Inc.)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {934CCB92-5324-494E-8B63-D264E0223497} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2296088 2022-03-09] (Avast Software s.r.o. -> Avast Software)
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AA4D8F8A-DECD-42CD-90FA-B5515EB729BC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AB392A12-5D17-4BB0-841F-8F80FB7DF474} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe (No File)
Task: {AB5FAAA0-6B29-41AE-8042-0BBE866D6E9F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B0324F95-BCA2-42C0-A20E-7F0D9438119C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B2104D91-9840-448E-9D33-AC0115D6A514} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4992792 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F0A3424C-E23C-4E12-AA08-F2A7EA8BD45A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-04-07] (Piriform Software Ltd -> Piriform)
Task: {F3B3FADB-6DB6-40C5-9D8E-E82C81FF66EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9f21d08e-778b-48ff-a756-294c04d5aeb1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dca730cd-5246-456b-a0d0-7c37960977a8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ddc50129-4591-4e9e-922a-136507dcf748}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e38b3080-d786-4851-a737-1104c467905f}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-23]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-04-23]
CHR Notifications: Default -> hxxps://cs.soringpcrepair.com; hxxps://free-message.services; hxxps://message-alert.info; hxxps://pushpush.net; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-03-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2016-10-13] (Andrea Electronics Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8483920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [564504 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [563992 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-04] (Avast Software s.r.o. -> AVAST Software)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [508488 2018-05-24] (HP Inc. -> )
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2016-07-25] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2016-10-13] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36768 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [228912 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [378944 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252984 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100408 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42400 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [269448 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [546296 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83968 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [855320 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [556088 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-04-03] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [320904 2022-04-23] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 johci; C:\WINDOWS\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snp2uvcW10.sys [2530920 2015-12-20] (Sonix Technology CO., LTD -> Sonix Tech. Co., Ltd.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 11:06 - 2022-04-23 11:01 - 000215936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asweeabb177b1e95a80.tmp
2022-04-23 11:06 - 2022-04-23 11:00 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-04-23 10:58 - 2022-04-23 14:17 - 000026587 _____ C:\Users\User\Desktop\FRST.txt
2022-04-23 10:55 - 2022-04-23 14:16 - 000000000 ____D C:\FRST
2022-04-23 10:47 - 2022-04-23 10:52 - 002366976 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-04-17 09:24 - 2022-04-17 09:24 - 000171928 _____ C:\Users\User\Documents\cc_20220417_092406.reg
2022-04-15 20:51 - 2022-04-15 20:51 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-15 20:50 - 2022-04-15 20:50 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-15 20:49 - 2022-04-15 20:49 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-15 20:47 - 2022-04-15 20:47 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-15 19:29 - 2022-04-15 19:29 - 000000000 ___HD C:\$WinREAgent
2022-04-13 20:54 - 2022-04-13 20:54 - 001154736 _____ (Avast Software) C:\Users\User\Downloads\avast_cleanup_online_setup.exe
2022-04-09 16:08 - 2022-04-09 16:10 - 066988883 _____ C:\Users\User\Downloads\zasilka-XCR3G7Z3WUG5RSJT.zip
2022-04-08 21:20 - 2022-04-08 21:20 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-04-08 21:16 - 2022-04-08 21:16 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-04-08 21:14 - 2022-04-08 21:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-04-08 21:12 - 2022-04-08 21:12 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-04-08 21:11 - 2022-04-08 21:11 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-04-04 08:08 - 2022-04-04 08:08 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-04-03 17:05 - 2022-04-03 17:04 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-23 14:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-23 14:02 - 2020-07-29 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-23 13:29 - 2016-02-07 14:15 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-23 12:47 - 2016-02-07 14:16 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-23 12:47 - 2016-02-07 14:16 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-23 12:09 - 2020-07-29 14:59 - 001874804 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-23 12:09 - 2019-12-07 16:43 - 000782820 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-23 12:09 - 2019-12-07 16:43 - 000172518 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-23 12:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-23 12:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-23 12:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-23 11:26 - 2020-07-29 15:12 - 000004192 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2C6EB98C-803D-4DAD-BC91-0B73F657AFD3}
2022-04-23 11:24 - 2020-07-29 15:12 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-23 11:24 - 2020-07-29 15:12 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-23 11:17 - 2020-08-06 12:56 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-23 11:17 - 2020-08-06 12:56 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-04-23 11:15 - 2021-12-11 17:54 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 15:12 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2312916346-564570717-1298912178-1000
2022-04-23 11:15 - 2020-07-29 14:40 - 000002411 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-23 11:08 - 2020-07-29 15:12 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-04-23 11:08 - 2017-12-10 14:42 - 000320904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-04-23 11:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-23 11:01 - 2020-10-26 13:14 - 000269448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-04-23 11:01 - 2020-04-21 11:53 - 000546296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000252984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000100408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-04-23 11:01 - 2019-05-10 07:47 - 000042400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000556088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-04-23 11:01 - 2017-12-10 14:42 - 000083968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000378944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-04-23 10:59 - 2019-05-10 07:47 - 000036768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000855320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-04-23 10:59 - 2017-12-10 14:42 - 000228912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-04-23 10:49 - 2017-02-13 15:41 - 000000000 ____D C:\Program Files\CCleaner
2022-04-23 10:48 - 2017-04-25 19:02 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-04-23 10:33 - 2020-07-29 15:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-23 10:33 - 2020-07-29 14:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-17 09:40 - 2017-10-10 22:29 - 000000000 ____D C:\ProgramData\AVAST Software
2022-04-17 09:38 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-17 09:18 - 2020-03-09 16:52 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-04-15 21:43 - 2020-07-29 14:33 - 000289736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 21:39 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 21:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-15 21:06 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 07:43 - 2017-12-11 14:55 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-04-13 20:25 - 2015-09-03 11:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 20:21 - 2015-09-03 11:24 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-12 18:46 - 2020-07-29 15:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-04-10 08:38 - 2021-01-24 17:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-08 23:00 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-04-08 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-04-08 22:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-04-08 21:11 - 2020-07-29 14:38 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-07 08:32 - 2020-08-06 12:55 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-07 08:32 - 2020-08-06 12:55 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-03 17:04 - 2020-10-26 13:14 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
2022-04-03 17:04 - 2020-04-21 11:53 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
2022-04-03 17:04 - 2019-05-10 07:47 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
2022-04-03 17:04 - 2017-12-10 14:42 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
2022-04-03 17:02 - 2019-05-10 07:47 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
2022-04-03 17:02 - 2017-12-10 14:42 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
==================== Files in the root of some directories ========
2020-10-16 09:15 - 2020-11-27 10:28 - 000001540 _____ () C:\Users\User\AppData\Roaming\debug.log
2016-07-26 13:29 - 2016-07-26 13:29 - 000000000 _____ () C:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
2016-07-27 18:20 - 2016-07-27 18:20 - 000000000 _____ () C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velmi pomalý NTB
OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velmi pomalý NTB
Fixlog se vygeneroval a uložil až na třetí pokus, tak snad to k něčemu bude
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by User (24-04-2022 19:32:35) Run:3
Running from C:\Users\User\Desktop
Loaded Profiles: User & DefaultAppPool
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => not found
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0E7047-6955-45D7-8FEE-86EB1CA0D711}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C10AE92-AC22-4834-9EFD-95568F2931CB}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23F4C26D-191F-4FEE-9D33-0099C46864B5}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B1F6C5F-5A72-41B6-8A5A-EE27FF561336}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0}" => not found
"C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D611771-40ED-4AB3-8559-E0BEB7DA1E26}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C039725-2239-4000-BFF7-0D97E97A53AC}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BE24E1C-5A95-46A8-82F7-459CD8C203DE}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A661A1-BCEF-4499-868C-2E9428FBBDC3}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65D7A477-3D28-4295-9380-B8FA31A35ED2}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69D5BDA2-532D-47ED-96D6-FB7D26336996}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C1368FB-025E-43BE-97BE-92CC9E50EEF6}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EFD85D5-71A3-4E6B-8DBB-6772E8414F69}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82B7C3BD-B6A8-4172-835F-EA5DB5403FF2}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D229E57-1C30-479B-AC01-DAFA5E6AE04F}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{903CE6BC-8F14-4A36-AF7D-C0995CFC733E}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9683357B-3AED-478A-B682-BDEA880F7F9D}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9613DB0-1B81-4269-A312-CCA39046C185}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFF83838-2699-4835-93A5-306F972D790F}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3868861-B8E1-4399-A4B0-6195711708BA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B768D2F6-3249-493B-AA27-C24949E049A5}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCD33FD6-8467-42EE-8BAD-E3165403AECA}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF1EE599-1014-4629-BD7A-E0FDBC002408}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D34A9B-9DFC-4780-A056-0B6C349BA385}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D87D091F-7B72-4FE6-89D6-E5368479E745}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC955668-DA85-4F4E-8979-9547AFF8CAE5}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E932448C-5827-45A6-8430-A4E6D487FA19}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA840A15-B1E4-4671-BA50-6A385D24698C}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F54B576A-6608-432B-AFCC-74AB69AD1D21}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEDDDFC8-D130-4F40-9220-9391C2BE813E}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF91095F-0BAE-465A-805D-056A7E498287}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
idsvc => service not found.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp" => not found
"c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}" => not found
"C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11585938 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 20092 B
Edge => 0 B
Chrome => 7415089 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7774 B
NetworkService => 7774 B
User => 124068 B
DefaultAppPool => 124068 B
RecycleBin => 0 B
EmptyTemp: => 18.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:33:47 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by User (24-04-2022 19:32:35) Run:3
Running from C:\Users\User\Desktop
Loaded Profiles: User & DefaultAppPool
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {0C0E7047-6955-45D7-8FEE-86EB1CA0D711} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {0C10AE92-AC22-4834-9EFD-95568F2931CB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {23F4C26D-191F-4FEE-9D33-0099C46864B5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2B1F6C5F-5A72-41B6-8A5A-EE27FF561336} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0) (No File)
Task: {3D611771-40ED-4AB3-8559-E0BEB7DA1E26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {4C039725-2239-4000-BFF7-0D97E97A53AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5BE24E1C-5A95-46A8-82F7-459CD8C203DE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {63A661A1-BCEF-4499-868C-2E9428FBBDC3} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {65D7A477-3D28-4295-9380-B8FA31A35ED2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {69D5BDA2-532D-47ED-96D6-FB7D26336996} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {7C1368FB-025E-43BE-97BE-92CC9E50EEF6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {7EFD85D5-71A3-4E6B-8DBB-6772E8414F69} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {82B7C3BD-B6A8-4172-835F-EA5DB5403FF2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {8D229E57-1C30-479B-AC01-DAFA5E6AE04F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {903CE6BC-8F14-4A36-AF7D-C0995CFC733E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9683357B-3AED-478A-B682-BDEA880F7F9D} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A9613DB0-1B81-4269-A312-CCA39046C185} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AFF83838-2699-4835-93A5-306F972D790F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B3868861-B8E1-4399-A4B0-6195711708BA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B768D2F6-3249-493B-AA27-C24949E049A5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CCD33FD6-8467-42EE-8BAD-E3165403AECA} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {CF1EE599-1014-4629-BD7A-E0FDBC002408} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D0D34A9B-9DFC-4780-A056-0B6C349BA385} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D87D091F-7B72-4FE6-89D6-E5368479E745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC955668-DA85-4F4E-8979-9547AFF8CAE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {E932448C-5827-45A6-8430-A4E6D487FA19} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {EA840A15-B1E4-4671-BA50-6A385D24698C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F54B576A-6608-432B-AFCC-74AB69AD1D21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FEDDDFC8-D130-4F40-9220-9391C2BE813E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {FF91095F-0BAE-465A-805D-056A7E498287} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp
C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp
C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp
C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp
C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp
C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp
C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp
C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp
C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp
C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp
C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp
C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp
C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp
c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}
C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => not found
ask: {05F262B0-264B-4E41-A926-191E4F086BDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0E7047-6955-45D7-8FEE-86EB1CA0D711}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C10AE92-AC22-4834-9EFD-95568F2931CB}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23F4C26D-191F-4FEE-9D33-0099C46864B5}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B1F6C5F-5A72-41B6-8A5A-EE27FF561336}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC1D068-AAA5-4D89-88BF-94F75EC4C4C0}" => not found
"C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D611771-40ED-4AB3-8559-E0BEB7DA1E26}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C039725-2239-4000-BFF7-0D97E97A53AC}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AF9DCEF-471C-455D-A5A6-FC7671EFEA0D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BE24E1C-5A95-46A8-82F7-459CD8C203DE}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63A661A1-BCEF-4499-868C-2E9428FBBDC3}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65D7A477-3D28-4295-9380-B8FA31A35ED2}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68B7EEEB-D7EB-4221-A7A7-54CCE3CF0F42}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69D5BDA2-532D-47ED-96D6-FB7D26336996}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C1368FB-025E-43BE-97BE-92CC9E50EEF6}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EFD85D5-71A3-4E6B-8DBB-6772E8414F69}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82B7C3BD-B6A8-4172-835F-EA5DB5403FF2}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D229E57-1C30-479B-AC01-DAFA5E6AE04F}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{903CE6BC-8F14-4A36-AF7D-C0995CFC733E}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9683357B-3AED-478A-B682-BDEA880F7F9D}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9613DB0-1B81-4269-A312-CCA39046C185}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFF83838-2699-4835-93A5-306F972D790F}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3868861-B8E1-4399-A4B0-6195711708BA}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B768D2F6-3249-493B-AA27-C24949E049A5}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCD33FD6-8467-42EE-8BAD-E3165403AECA}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF1EE599-1014-4629-BD7A-E0FDBC002408}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D34A9B-9DFC-4780-A056-0B6C349BA385}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D87D091F-7B72-4FE6-89D6-E5368479E745}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC955668-DA85-4F4E-8979-9547AFF8CAE5}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E932448C-5827-45A6-8430-A4E6D487FA19}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA840A15-B1E4-4671-BA50-6A385D24698C}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F54B576A-6608-432B-AFCC-74AB69AD1D21}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEDDDFC8-D130-4F40-9220-9391C2BE813E}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF91095F-0BAE-465A-805D-056A7E498287}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
idsvc => service not found.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\system32\Drivers\asw784b3b6fa1b7c6c4.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswd2dc517787486cef.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbbea86db3dbe6843.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8d8ce1acf356cd84.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw346ef2f7a0375747.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswbc0143e9f0ee2165.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswd92d0f3e14a79cfc.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswc0de50e160b1bea3.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw8cb7cf9f680789f4.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw738e41060b0941b9.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw990a9b3c6539eba9.tmp" => not found
"C:\WINDOWS\system32\Drivers\aswfa49978104accbd0.tmp" => not found
"C:\WINDOWS\system32\Drivers\asw69b4fa96720044c8.tmp" => not found
"c:\Users\User\AppData\Local\{5711BEC9-1137-43D8-87AC-E2FE41CDDDAD}" => not found
"C:\Users\User\AppData\Local\{D8FAFBE0-CA67-4886-A20C-927BD8622DB8})" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11585938 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 20092 B
Edge => 0 B
Chrome => 7415089 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7774 B
NetworkService => 7774 B
User => 124068 B
DefaultAppPool => 124068 B
RecycleBin => 0 B
EmptyTemp: => 18.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:33:47 ====
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velmi pomalý NTB
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velmi pomalý NTB
Start WIN určitě svižnější, ale do ideálního stavu to má ještě daleko
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velmi pomalý NTB
Ještě spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velmi pomalý NTB
Zdravím, tak log z AdWare zde
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-25-2022
# Duration: 00:00:21
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\User\AppData\Local\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2281 octets] - [25/04/2022 20:30:06]
AdwCleaner[S01].txt - [2342 octets] - [25/04/2022 20:32:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-25-2022
# Duration: 00:00:21
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\User\AppData\Local\Seznam.cz
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2281 octets] - [25/04/2022 20:30:06]
AdwCleaner[S01].txt - [2342 octets] - [25/04/2022 20:32:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velmi pomalý NTB
OK. Pokud se stále nic nezměnilo, zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Velmi pomalý NTB
Tak po defragmentaci nastalo výrazné zlepšení
Díky moc za pomoc !
Přeji hezký večer.
Díky moc za pomoc !
Přeji hezký večer.
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Velmi pomalý NTB
Hezký večer i vám a nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.