Pomalý notebook nelze aktualizovat

Zpráva

Hop · #1 Příspěvek od **Hop** » 29 zář 2021 22:16

Dobrý den, případně ahoj Rudy!
Mám před sebou notebook přátel, kteří mi jej dali s tím, že je strašně pomalý a měli pravdu.
Procesor nebo disk běželi na 100%, notebook byl zatuhlý.
ADWcleaner nenašel vůbec nic, po této stránce je ntb čistý.
Vyčistil jsem ho ccleanerem, trošku to pomohlo, nánosů tam bylo dost.
Zkoušel jsem ntb aktualizovat a několik aktualizací prošlo, ale další hlásily různé chyby, které jsem se dle návodů snažil odstranit.
Po restartu a přihlášení Comodo hlásilo svoji vlastní chybu, nakonec jsem Comodo odinstaloval. Trošku se ntb zrychlil, ale
když jsem pak znovu zkoušel spustit aktualizaci, tak se rozběhlo stahování, ale zůstalo na 10% a dál to nešlo. Ntb se najednou nedokázal připojit k síti, kde předtím byl připojený, měl jinou IP adresu, masku 255.255.0.0., bránu měl správnou. Nefungovalo připojení ani přes ethernet, ani přes wifi. Nakonec jsem mu nastavil pevnou IP a ani to nepomohlo. Zrestartoval jsem se do nouzového režimu se sítí a tady jsem na pevné IP konečně připojený, zrušit pevnou IP jsem zatím nezkoušel.
Prosím,
podívejte se na logy, napište mi, co s tím, přijdete-li na něco.
Předem děkuji.
S pozdravem
Pavel

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by pavli (administrator) on DESKTOP-GFRH7GI (ASUSTeK COMPUTER INC. X553MA) (29-09-2021 22:48:52)
Running from C:\Users\pavli\Desktop
Loaded Profiles: pavli
Platform: Windows 10 Home Version 2004 19041.630 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Safe Mode (with Networking)

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Run: [HP DeskJet 4530 series (NET)] => C:\Program Files\HP\HP DeskJet 4530 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Run: [SuuntolinkLauncher] => C:\Users\pavli\AppData\Local\Suuntolink\app-2.24.3\resources\app\LaunchAgents\SuuntolinkLauncher.exe [1298544 2019-06-23] (Suunto Oy -> )
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871024 2019-08-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\pavli\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-06-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\pavli\AppData\Local\WebEx\ciscowebexstart.exe [4693328 2021-08-28] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\WINDOWS\system32\hpinkstsD811LM.dll [392232 2016-02-22] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-24] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0AFC942C-9FE4-4921-B987-89A1EB7B90E2} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {0C60AF05-9AC8-480C-8A48-DA9F97705712} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {0D7E3446-8A6A-42B6-8ED5-1AF23A77C80A} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2314008 2019-06-05] () [File not signed]
Task: {0D958AB7-B2C8-438B-BA42-23C8E54FFB67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-29] (Google Inc -> Google Inc.)
Task: {0E6E52D9-EC6E-4BA0-86AE-3381BD3F1354} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {1012EE44-9E21-4572-A6A4-9676845DD942} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {115DB92D-A012-4140-AA5E-5BDAA6CB5467} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {19877ECC-603C-4826-BA65-14D9B98EAB1B} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
Task: {205415D7-F8CA-4BB1-AE0F-FBB9BAEB720F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {213763FC-9F43-41A2-91B7-400FC278072F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {216027EE-6D4C-4195-A91B-A4C5AA30AC53} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {2282F1CF-B7BC-4631-8968-1E306987205F} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {26D9076C-EDAD-430E-92CB-FD15B6AC5C18} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F7A9FD5-9F70-4822-9D57-988DE3C01148} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-08-21] (Garmin International, Inc. -> )
Task: {43F3973E-2B58-48E8-98E0-747FB34B4D62} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [5439384 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {55E6A399-B0F7-4346-9993-654C4FB46C97} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {6B4B0F07-D376-462F-8D1F-10D3F3841816} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C61170C-7860-4BDC-BAEE-19660B4F0FCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-29] (Google Inc -> Google Inc.)
Task: {6CFD9D40-0762-47B7-89C2-C09CE1E44886} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {7457DFE7-F498-471C-9965-1DB863069A41} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [434176 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {75974337-9EA9-4C07-863B-5D7A4AE14EC1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {79A22091-37FC-4887-9B0F-11B7CFB24CD3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79D2D510-1B97-44D3-82C7-399751F62005} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7DF7D2BE-07EA-43FA-87EC-2801FAC6EBE0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1155480 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {81ADB51C-D711-47C1-9A01-B4BC8C14CEEA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {857B37EB-FDF9-45F2-BD47-FB5DD5A3A64C} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {93501640-ECD9-4108-B0AD-BABB57140E7D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {958EF221-E969-43DF-AEDC-013AAF0FEB9A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {A14470E3-78D6-44D0-B061-6A504E3106A5} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {A2DD6B7F-BE49-4BAB-B2CD-6635D1AD14D9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {A74328D2-7DF9-4F78-A5F5-7A66A02BE720} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113536 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB4AB8E5-314D-494F-9C6D-FCAE6742B296} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {AF26791D-E720-4D36-8E2F-4D2A6B4B20D9} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {BD6E79AC-A1E8-433E-A07B-3DF378285C6E} - System32\Tasks\CCleanerSkipUAC - pavli => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BE393A7E-3F56-41B1-BE33-766F167459EB} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {C50CF790-9A8D-4E66-8629-76F10D82D5E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {C6DA2531-A8A8-490D-AB88-A11884C89FF3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [434176 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {C79FE8B6-7105-4AFD-B8BF-6DCB87FAFB2B} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {CC5D4D38-3B00-4123-A361-38077AF63556} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {D0ED4EE2-E6C7-430E-8015-7095D977EBDF} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {D176EEE4-D20B-4192-93D1-C3C42AF53765} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe
Task: {D4327F35-108F-4A72-A11E-DDDDA7E180B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ED438D9F-080B-468B-9706-51B294E9879B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {F670E677-B5BA-4B0A-984F-2003E8AE484F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\45206A87-2AE7-4E35-99BC-67639C8BB822\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [459776 2020-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {FEA787E2-EAC7-4397-B726-8176860614F4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{ab19661d-1012-4f45-8895-e3adda5a64b3}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{e1ded5ca-ec53-4d30-b4b8-3dfb0bfaa8d2}: [DhcpNameServer] 217.31.204.130 8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\pavli\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-29]
Edge StartupUrls: Default -> "hxxps://seznam.cz/"
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}

FireFox:
========
FF DefaultProfile: servis23.default
FF ProfilePath: C:\Users\pavli\AppData\Roaming\Mozilla\Firefox\Profiles\servis23.default [2021-09-28]
FF Homepage: Mozilla\Firefox\Profiles\servis23.default -> hxxps://www.google.cz/
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\pavli\AppData\Roaming\Mozilla\Firefox\Profiles\servis23.default\Extensions\cs@dictionaries.addons.mozilla.org [2018-07-06] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\pavli\AppData\Roaming\Mozilla\Firefox\Profiles\servis23.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-04-07]
FF Extension: (Google Code Correction) - C:\Users\pavli\AppData\Roaming\Mozilla\Firefox\Profiles\servis23.default\features\{44796bae-70b5-4564-9000-814cf5d58adc}\google-code-correction@mozilla.org.xpi [2018-07-06] [Legacy]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\pavli\AppData\Local\Google\Chrome\User Data\Default [2021-09-29]
CHR Notifications: Default -> hxxps://bestdealfor11.life; hxxps://cz.pinterest.com; hxxps://damefilm.sk; hxxps://kaseine.info; hxxps://meet.google.com; hxxps://studentmag.topzine.cz; hxxps://teams.microsoft.com; hxxps://womanonly.topzine.cz; hxxps://www.facebook.com; hxxps://www.firstclass.cz; hxxps://www.flv2mp3.by; hxxps://www.flvto.biz; hxxps://www.hudysport.sk; hxxps://www.myswitzerland.com; hxxps://www.netflix.com; hxxps://www.regiojet.cz; hxxps://www.sevt.cz
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\pavli\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-11-07]
CHR Profile: C:\Users\pavli\AppData\Local\Google\Chrome\User Data\System Profile [2019-11-07]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3593728 2020-12-12] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
S1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47072 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [51128 2015-10-29] (WDKTestCert sys_dpebuild,130674149657513416 -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129208 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
S1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl9ac5f7d6; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D18B9388-4AA0-4477-B81B-35A16C09C989}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-29 22:48 - 2021-09-29 22:50 - 000021077 _____ C:\Users\pavli\Desktop\FRST.txt
2021-09-29 22:47 - 2021-09-29 22:46 - 002304512 _____ (Farbar) C:\Users\pavli\Desktop\FRST64.exe
2021-09-29 22:45 - 2021-09-29 22:46 - 002304512 _____ (Farbar) C:\Users\pavli\Downloads\FRST64.exe
2021-09-29 22:40 - 2021-09-29 22:40 - 011697056 _____ (ESET) C:\Users\pavli\Downloads\esetonlinescanner.exe
2021-09-29 22:35 - 2021-09-29 22:48 - 000193280 _____ C:\WINDOWS\ntbtlog.txt
2021-09-28 22:10 - 2021-09-28 22:10 - 000000000 ___HD C:\$WinREAgent
2021-09-28 20:50 - 2021-09-29 22:37 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-09-28 20:36 - 2021-09-28 20:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-09-28 20:36 - 2021-09-28 20:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-09-28 12:45 - 2021-09-28 12:45 - 000000000 ____D C:\ProgramData\ASUS
2021-09-28 12:42 - 2021-09-28 12:42 - 000003980 _____ C:\WINDOWS\system32\Tasks\Update Checker
2021-09-28 12:42 - 2021-09-28 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2021-09-27 22:22 - 2021-09-27 22:37 - 000000000 ___HD C:\$WINDOWS.~BT
2021-09-27 11:54 - 2021-09-27 11:54 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - pavli
2021-09-27 11:52 - 2021-09-27 11:52 - 036174008 _____ (Piriform Software Ltd) C:\Users\pavli\Downloads\ccsetup585.exe
2021-09-27 11:46 - 2021-09-27 11:46 - 008553680 _____ (Malwarebytes) C:\Users\pavli\Downloads\adwcleaner_8.3.0.exe
2021-09-24 22:15 - 2021-09-24 22:15 - 000000000 ____D C:\Users\pavli\Downloads\PAVLÍNA různé
2021-09-23 23:18 - 2021-09-23 23:18 - 000000162 ____H C:\Users\pavli\Desktop\~$JEDNÁVKA JÍDEL 2. 10. .odt
2021-09-23 23:17 - 2021-09-23 23:36 - 000005791 _____ C:\Users\pavli\Desktop\OBJEDNÁVKA JÍDEL 2. 10. .odt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-29 22:49 - 2020-04-07 22:30 - 000000000 ____D C:\FRST
2021-09-29 22:40 - 2018-05-27 20:18 - 000000000 ____D C:\Users\pavli\AppData\Local\D3DSCache
2021-09-29 22:35 - 2020-11-13 10:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-29 22:32 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-29 22:32 - 2016-07-29 13:09 - 000000000 __SHD C:\Users\pavli\IntelGraphicsProfiles
2021-09-29 22:31 - 2020-11-13 11:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-29 22:31 - 2020-11-13 11:08 - 000000000 ____D C:\Users\pavli
2021-09-29 22:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-29 22:29 - 2020-11-13 10:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-29 22:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-09-29 22:13 - 2016-07-29 14:15 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-29 22:12 - 2020-11-13 11:49 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-28 22:06 - 2018-06-15 16:49 - 000000000 ____D C:\Program Files\CCleaner
2021-09-28 22:00 - 2018-05-27 19:42 - 000001064 _____ C:\Users\pavli\Desktop\Total Commander.lnk
2021-09-28 21:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-28 21:33 - 2020-04-07 22:09 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2021-09-28 20:54 - 2020-04-07 22:07 - 000000000 ____D C:\Users\pavli\AppData\Local\Comodo
2021-09-28 20:54 - 2020-04-07 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2021-09-28 20:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-28 20:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-28 14:11 - 2017-08-11 21:07 - 000000000 ____D C:\Program Files (x86)\ASUS
2021-09-27 22:43 - 2020-11-13 11:46 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2021-09-27 22:43 - 2020-11-13 11:46 - 000001908 _____ C:\WINDOWS\diagerr.xml
2021-09-27 22:43 - 2020-11-03 16:47 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-27 12:56 - 2016-07-29 14:19 - 000000000 ____D C:\Users\pavli\AppData\Roaming\vlc
2021-09-27 12:14 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-27 12:12 - 2020-08-22 15:12 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-27 12:12 - 2020-08-22 15:12 - 000002263 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-27 12:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-09-27 12:03 - 2018-10-12 21:52 - 000000000 ____D C:\Users\pavli\AppData\Local\CrashDumps
2021-09-27 11:54 - 2020-11-13 11:08 - 000000000 ____D C:\Users\defaultuser1
2021-09-27 11:42 - 2020-04-07 21:55 - 000007629 _____ C:\Users\pavli\AppData\Local\Resmon.ResmonCfg
2021-09-27 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-09-24 21:48 - 2016-07-29 14:15 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-24 21:41 - 2016-07-29 13:10 - 000000000 ____D C:\Users\pavli\Desktop\PAVLÍNA různé
2021-09-23 23:41 - 2017-12-05 21:41 - 000000000 ____D C:\Users\pavli\AppData\Local\Packages
2021-09-22 22:01 - 2019-01-04 11:08 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-09-17 21:54 - 2020-11-13 11:49 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-17 21:52 - 2016-07-29 14:12 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-17 21:49 - 2016-07-29 13:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 21:37 - 2016-07-29 13:39 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-08 21:23 - 2018-05-27 20:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-08 21:21 - 2020-10-06 12:29 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-04 23:21 - 2020-11-11 14:06 - 000000000 ____D C:\Users\pavli\AppData\Local\WebEx
2021-09-04 23:20 - 2020-11-11 14:06 - 000000000 ____D C:\Users\pavli\AppData\LocalLow\WebEx
2021-09-04 08:34 - 2016-07-29 13:52 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2016-07-29 14:17 - 2004-08-17 11:14 - 000178176 _____ (PetH) C:\Program Files (x86)\Casovac.exe
2020-04-07 21:55 - 2021-09-27 11:42 - 000007629 _____ () C:\Users\pavli\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by pavli (29-09-2021 22:52:45)
Running from C:\Users\pavli\Desktop
Windows 10 Home Version 2004 19041.630 (X64) (2020-11-13 09:52:24)
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1429669008-1704897703-1738546953-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1429669008-1704897703-1738546953-503 - Limited - Disabled)
Guest (S-1-5-21-1429669008-1704897703-1738546953-501 - Limited - Disabled)
pavli (S-1-5-21-1429669008-1704897703-1738546953-1001 - Administrator - Enabled) => C:\Users\pavli
WDAGUtilityAccount (S-1-5-21-1429669008-1704897703-1738546953-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam)
ANT Drivers Installer x64 (HKLM\...\{8F3BCD5E-6E82-4C79-ABDC-8B9ACE5F9F63}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Cisco Webex Meetings (HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\ActiveTouchMeetingClient) (Version: 41.9.1 - Cisco Webex LLC)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445}) (Version: 1.4.159.0 - COMODO) Hidden
Elevated Installer (HKLM-x32\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
LibreOffice 5.1.4.2 (HKLM\...\{3D0938AC-CEED-48CF-9649-D433CE8A4AF7}) (Version: 5.1.4.2 - The Document Foundation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Teams) (Version: 1.3.00.13565 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 47.0.2 (x64 cs)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20238 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7586 - Realtek Semiconductor Corp.)
Shark007 STANDARD Codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 3.6.9 - Shark007)
Shark007 STANDARD x64Components (HKLM\...\STANDARD x64Components_is1) (Version: 3.6.9 - Shark007)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
Suuntolink (HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\Suuntolink) (Version: 2.24.3 - Suunto)
Svátky a výročí (HKLM-x32\...\{CB28705C-ED60-499A-90DE-E8BC41F75B65}) (Version: 2.09.0115 - Igor Gottwald - OKsoftware)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.22654 - Microsoft Corporation)
TomTom MyDrive Connect 4.2.7.3966 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.7.3966 - TomTom)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
Zoom (HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
All Video Player HD -> C:\Program Files\WindowsApps\22450.TotalVideoPlayer_2.0.31.0_x64__0aqw1zw0x2snt [2021-01-28] (韵华软件)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.186.300.0_x86__kgqvnymyfvs32 [2021-02-10] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-14] (Microsoft Corporation)
DriveHQ FileManager Lite -> C:\Program Files\WindowsApps\DriveHeadquartersInc.DriveHQFileManager_3.2.60.4_x64__j364g042v2zkr [2020-04-07] (Drive Headquarters Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.2.834.0_x64__v10z8vjag6ke6 [2021-02-10] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-31] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-09] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-04-07] (Twitter Inc.)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2020-04-07] (VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\pavli\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\pavli\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\pavli\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20091.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-07-29] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2016-07-29] (Artem Izmaylov -> AIMP DevTeam) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter.acm [2231296 2013-04-06] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-06] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-07-29 14:18 - 2016-07-29 14:18 - 002059848 _____ (Artem Izmaylov -> AIMP DevTeam) [File not signed] C:\Program Files (x86)\AIMP\System\aimp_menu64.dll
2016-07-29 14:11 - 2016-05-21 10:19 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://seznam.cz
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
SearchScopes: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001 -> DefaultScope {EE013514-3F22-4E00-AAE0-5FB41B20FA0C} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001 -> {39F6F801-760C-445F-8BC4-A5E840480671} URL = hxxp://cs.wikipedia.org/w/index.php?title=SpeciA1lnAD:Search&search={searchTerms}
SearchScopes: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001 -> {4B592A4A-6007-4475-9071-435550F426C6} URL = hxxp://search.seznam.cz/searchScreen?w={searchTerms}&mod=f
SearchScopes: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001 -> {DE2D4DC1-C640-4374-9BD8-F81C47658F68} URL = hxxp://search.microsoft.com/results.aspx?mkt=cs-cz&setlang=cs-cz&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1429669008-1704897703-1738546953-1001 -> {EE013514-3F22-4E00-AAE0-5FB41B20FA0C} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2018-12-03 15:48 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pavli\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "vdcss"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "vdcss"
HKLM\...\StartupApproved\Run32: => "IseUI"
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\StartupApproved\Run: => "SuuntolinkLauncher"
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1429669008-1704897703-1738546953-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{923F78C4-3940-4914-AEBB-9C32A7C61E6C}C:\users\pavli\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pavli\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{EC9177A1-75EC-4F51-9F94-77EA76229207}C:\users\pavli\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pavli\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0735B9E6-1197-49DB-AC04-11726888874B}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{163FECEB-AA6B-4429-83F6-D058296FF6D1}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{F123E6AE-F23A-4810-9767-E10C07C86744}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{840484DD-7800-4686-AEE7-21BD204663C5}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{04156176-E33E-471D-93F5-7DD3361242D1}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{CF56D86B-F4B5-4171-BC4F-D57BABCDDADC}] => (Allow) LPort=5357
FirewallRules: [{8023BE7C-4963-4C41-AFBA-448DADF215DA}] => (Allow) C:\Program Files\HP\HP DeskJet 4530 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DFB40568-CF70-4AB9-8040-7195887B90CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2B2391D1-610C-4AD0-995C-50D879F1E075}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22FAF699-CFFF-4820-8B51-06C6DBAE69EF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{D1E96796-6F95-4372-B245-6281FB96086E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{5158D93A-21E4-4CC9-9935-3E72135ACE35}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9BDC5789-DB21-4E6E-A43C-3899F2D51EF1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E577A63D-BF8F-4B15-9238-D104DBC00A1D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E0EC428C-993D-4EF5-BD6F-701232DF5842}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE5C6F5D-F617-474A-B4E6-79B832D533F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1C16F96-D5C1-4CF0-BB53-74A30B686E5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{203429A8-4A80-46F0-9961-8728247614F7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1AC6F78-CC13-42BB-B7C2-DFA51EAA04D7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E029F86-E394-4F81-B18E-F5F3C2BEBD32}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{75A8105A-5932-453E-8697-DCB7EABFBFB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F12FC53A-9C7A-4BB2-93FF-3F8D8989BFC9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.31\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-09-2021 21:55:17 Instalační služba modulů systému Windows
19-09-2021 22:14:07 Instalační služba modulů systému Windows
27-09-2021 11:40:31 Instalační služba modulů systému Windows
27-09-2021 22:24:22 Instalační služba modulů systému Windows
27-09-2021 22:52:52 Instalační služba modulů systému Windows
28-09-2021 11:30:51 Instalační služba modulů systému Windows
28-09-2021 12:40:49 Installed ASUS Live Update
28-09-2021 19:38:22 Instalační služba modulů systému Windows
28-09-2021 20:01:49 Instalační služba modulů systému Windows
28-09-2021 20:10:33 Instalační služba modulů systému Windows
28-09-2021 21:26:56 Removing COMODO Client - Security

==================== Faulty Device Manager Devices ============

Name: Ovladač infrastruktury virtualizace Microsoft Hyper-V
Description: Ovladač infrastruktury virtualizace Microsoft Hyper-V
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: ========================

Application errors:
==================
Error: (09/29/2021 10:14:08 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/28/2021 09:48:58 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (09/28/2021 09:27:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service isesrv since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (09/28/2021 09:27:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service csssrv since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (09/28/2021 09:10:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.610 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1784

Čas spuštění: 01d7b49c12bb90e2

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: ba01a0b8-020d-484f-9bef-28e62ad9ba47

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (09/28/2021 09:09:54 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (09/28/2021 08:45:51 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (09/28/2021 08:01:23 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

System errors:
=============
Error: (09/29/2021 10:56:31 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby EventSystem s argumenty Není k dispozici za účelem spuštění serveru:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (09/29/2021 10:52:44 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GFRH7GI)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/29/2021 10:50:56 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GFRH7GI)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (09/29/2021 10:49:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GFRH7GI)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/29/2021 10:49:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GFRH7GI)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby VSS s argumenty Není k dispozici za účelem spuštění serveru:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (09/29/2021 10:49:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GFRH7GI)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby VSS s argumenty Není k dispozici za účelem spuštění serveru:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (09/29/2021 10:49:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GFRH7GI)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby VSS s argumenty Není k dispozici za účelem spuštění serveru:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (09/29/2021 10:49:44 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-GFRH7GI)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Windows Defender:
================
Date: 2021-09-28 13:18:50
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Název: PUA:Win32/CoinMiner
Závažnost: Vážné
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\pavli\AppData\Local\AVG Netherlands BV\AVG Driver Updater\Updates\hdd.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-GFRH7GI\pavli
Název procesu: C:\Program Files\TotalCMD\TOTALCMD.EXE
Verze bezpečnostních informací: AV: 1.349.1523.0, AS: 1.349.1523.0, NIS: 1.349.1523.0
Verze modulu: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-07-14 22:38:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B65E3E8A-384C-4A44-83CC-9E1555140A30}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE

Date: 2021-04-13 09:43:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Název: PUA:Win32/PiriformBundler
Závažnost: Vážné
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\pavli\Downloads\ccsetup543.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.335.706.0, AS: 1.335.706.0, NIS: 1.335.706.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5

Date: 2021-04-13 09:34:25
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=1
Název: PUA:Win32/PiriformBundler
Závažnost: Vážné
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\pavli\Downloads\ccsetup543.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-GFRH7GI\pavli
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.335.706.0, AS: 1.335.706.0, NIS: 1.335.706.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5

Date: 2021-09-29 22:46:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.1580.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.

Date: 2021-09-29 22:35:57
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2021-09-29 22:20:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.1580.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-09-29 22:10:32
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.1580.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-09-28 22:14:56
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.1580.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-09-29 22:48:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-29 22:46:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X553MA.208 07/09/2014
Motherboard: ASUSTeK COMPUTER INC. X553MA
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 42%
Total physical RAM: 3982.54 MB
Available physical RAM: 2303.19 MB
Total Virtual: 5262.54 MB
Available Virtual: 3816.97 MB

==================== Drives ================================

Drive a: () (Network) (Total:0 GB) (Free:0 GB)
Drive c: (Master) (Fixed) (Total:464.65 GB) (Free:205.56 GB) NTFS

\\?\Volume{eb1796e9-d295-4f24-8109-fe114c98d94f}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{dffd00ce-1ecf-4d5d-b1bf-24207cc3b7cb}\ () (Fixed) (Total:0.56 GB) (Free:0.07 GB) NTFS
\\?\Volume{8bb22de9-f156-498a-aecf-e0607fe0f223}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 344BF141)

Partition: GPT.

==================== End of Addition.txt =======================

Hop · #2 Příspěvek od **Hop** » 29 zář 2021 22:18

Ještě dodávám, že k notebooku se dostanu až v cca 15 hodin ve čtvrtek, pak budu reagovat.
Děkuji za Vaši ochotu.

Hop · #3 Příspěvek od **Hop** » 30 zář 2021 05:26

Posílám ještě log z esetonline, moc toho nenašel:

30.09.2021 2:34:25
Zkontrolováno souborů: 327223
Detekováno souborů: 3
Vyléčeno souborů: 3
Celkový čas kontroly 02:27:43
Stav kontroly: Dokončeno

C:\Program Files (x86)\AIMP\Uninstall.exe varianta Win32/AIMP.B potenciálně nechtěná aplikace vyléčen smazáním
C:\Users\pavli\Documents\OP 1029 Kucharikova - osobni data\Pavlína\AppData\Local\Temp\7zS59AC\Optional\HP_IPG_Toolbar_installer.exe Win32/Bundled.Toolbar.Google.D potenciálně zneužitelná aplikace vyléčen smazáním
C:\Users\pavli\Downloads\ccsetup501.exe Win32/Bundled.Toolbar.Google.D potenciálně zneužitelná aplikace vyléčen smazáním

Síťové karty fungují jen v nouzovém režimu se sítí, IP adresu si načtou sami přes wifi i přes drát.
V normálním režimu se nepřipojí ani s pevnou IP, při odstraňování chyb hlásí, že mám restartovat router.

#4 Příspěvek od **Rudy** » 30 zář 2021 09:49

Zdravím Pavle!

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0D958AB7-B2C8-438B-BA42-23C8E54FFB67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-29] (Google Inc -> Google Inc.)
Task: {205415D7-F8CA-4BB1-AE0F-FBB9BAEB720F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6C61170C-7860-4BDC-BAEE-19660B4F0FCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-29] (Google Inc -> Google Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
C:\Users\pavli\AppData\Local\AVG Netherlands BV\AVG Driver Updater\Updates\hdd.exe

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Hop · #5 Příspěvek od **Hop** » 30 zář 2021 13:07

Děkuji,
připojení k síti zůstalo stejné, ntb najel trochu rychleji.
Posílám log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by pavli (30-09-2021 13:54:21) Run:1
Running from C:\Users\pavli\Desktop
Loaded Profiles: pavli
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0D958AB7-B2C8-438B-BA42-23C8E54FFB67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-29] (Google Inc -> Google Inc.)
Task: {205415D7-F8CA-4BB1-AE0F-FBB9BAEB720F} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6C61170C-7860-4BDC-BAEE-19660B4F0FCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-29] (Google Inc -> Google Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
C:\Users\pavli\AppData\Local\AVG Netherlands BV\AVG Driver Updater\Updates\hdd.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D958AB7-B2C8-438B-BA42-23C8E54FFB67}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D958AB7-B2C8-438B-BA42-23C8E54FFB67}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{205415D7-F8CA-4BB1-AE0F-FBB9BAEB720F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{205415D7-F8CA-4BB1-AE0F-FBB9BAEB720F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6C61170C-7860-4BDC-BAEE-19660B4F0FCC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C61170C-7860-4BDC-BAEE-19660B4F0FCC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
"C:\Users\pavli\AppData\Local\AVG Netherlands BV\AVG Driver Updater\Updates\hdd.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22157385 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7392980 B
Edge => 68680 B
Chrome => 10908893 B
Firefox => 1224774 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 410772380 B
pavli => 1043868077 B
defaultuser1 => 1043868077 B

RecycleBin => 11697056 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 13:55:43 ====

#6 Příspěvek od **Rudy** » 30 zář 2021 13:16

Smazáno. Nastala nějaká změna?

VIRY.CZ

Pomalý notebook nelze aktualizovat

Pomalý notebook nelze aktualizovat

Re: Pomalý notebook nelze aktualizovat

Re: Pomalý notebook nelze aktualizovat

Re: Pomalý notebook nelze aktualizovat

Re: Pomalý notebook nelze aktualizovat

Re: Pomalý notebook nelze aktualizovat