Pomalý notebook a internet

[marvis]

Ahoj, prosím nějak se mi zpomalil notebook a internet, dá se to nějak zkontrolovat? Díky

[Rudy]

Zdravím!
Zkontrolujeme, zda nemáte v PC malware, nebo zbytečnosti. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[marvis]

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-04-2022
# Duration: 00:00:22
# OS: Windows 10 Home
# Scanned: 32049
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Rudy]

Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

[marvis]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-01-2022
Ran by User (administrator) on DESKTOP-K1KAJM8 (HP HP 250 G4 Notebook PC) (04-02-2022 18:14:41)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Microsoft Windows 10 Home Version 21H2 19044.1466 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\...\MountPoints2: {c85e8cae-7242-11ec-8ad2-b05ada9e2109} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\...\MountPoints2: {fe142372-590b-11ec-8fdb-b05ada9e2109} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\WINDOWS\system32\hpinkstsEE11LM.dll [383496 2015-08-31] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {26459D85-434F-4999-9677-4C2E85CDA24F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-19] (Google LLC -> Google LLC)
Task: {2D952D49-2726-4559-BDEB-4747A9059037} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33960C5F-F47F-4104-9555-0913BB3F0EB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A03723A-7EF5-41B5-B625-8C94D0A1769F} - System32\Tasks\HPCustParticipation HP DeskJet 5820 series => C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPCustPartic.exe [6104720 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {C3CD99C3-7526-4284-B5DD-8AD81378C14C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-19] (Google LLC -> Google LLC)
Task: {C59A9D78-57B5-42A8-82D3-1A44E23A7643} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D84A4A85-DF8C-4D55-B378-FAE4E5994318} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {FFA06FE1-60CF-4390-8E06-A30173837F9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e94abcde-efa8-49c6-ba69-73cf25ed3a24}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-04]
Edge DownloadDir: Default -> C:\Users\User\Desktop
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-01-24]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-02-04]
CHR DownloadDir: C:\Users\User\Desktop
CHR Notifications: Default -> hxxps://gw.lightinthebox.com; hxxps://www.lightinthebox.com; hxxps://www.malirske-platno.cz
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Extension: (Překladač Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-01-19]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-19]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-19]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-19]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-19]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-19]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-04 18:14 - 2022-02-04 18:16 - 000011323 _____ C:\Users\User\Desktop\FRST.txt
2022-02-04 18:13 - 2022-02-04 18:15 - 000000000 ____D C:\FRST
2022-02-04 18:12 - 2022-02-04 18:13 - 002311680 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-02-04 17:06 - 2022-02-04 17:06 - 000000000 ____D C:\WINDOWS\Panther
2022-02-04 16:58 - 2022-02-04 16:58 - 008540344 _____ (Malwarebytes) C:\Users\User\Desktop\AdwCleaner.exe
2022-02-04 16:52 - 2022-02-04 16:53 - 000000000 ____D C:\AdwCleaner
2022-01-31 15:47 - 2022-01-31 17:47 - 1327504850 _____ C:\Users\User\Desktop\Jdi a dívej se-(drama)-(1985)--cz-dabing.AVI
2022-01-27 10:51 - 2022-01-27 10:51 - 001431311 _____ C:\Users\User\Documents\Stolek pro horní frézku.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000043956 _____ C:\Users\User\Documents\Nájemní smlouva dům vzor.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000014230 _____ C:\Users\User\Documents\PROGRAMY.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000013176 _____ C:\Users\User\Documents\Svoz komunálního odpadu.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000012932 _____ C:\Users\User\Documents\PVC podlaha Essentials.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000012019 _____ C:\Users\User\Documents\Logfile.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000011940 _____ C:\Users\User\Documents\ČESTNÉ PROHLÁŠENÍ.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000011500 _____ C:\Users\User\Documents\Školní potřeby.odt
2022-01-27 10:51 - 2022-01-27 10:51 - 000009622 _____ C:\Users\User\Documents\Reklamace.odt
2022-01-19 08:46 - 2022-01-19 08:46 - 000000000 ____D C:\Users\User\AppData\Local\CEF
2022-01-16 10:49 - 2022-01-16 10:49 - 000046670 _____ C:\Users\User\Desktop\Příloha.pdf
2022-01-16 10:30 - 2022-01-16 10:30 - 000001165 _____ C:\Users\Public\Desktop\LibreOffice 7.2.lnk
2022-01-16 10:30 - 2022-01-16 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.2
2022-01-16 10:28 - 2022-01-16 10:29 - 000000000 ____D C:\Program Files\LibreOffice
2022-01-16 09:50 - 2022-01-16 09:50 - 000000000 ____D C:\Users\User\AppData\Local\SolidDocuments
2022-01-16 09:09 - 2022-01-16 09:57 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-16 09:09 - 2022-01-16 09:57 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-01-16 09:08 - 2022-01-16 09:08 - 000000000 ____D C:\Program Files\Adobe
2022-01-16 09:06 - 2022-01-16 09:08 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-01-12 15:54 - 2022-01-12 15:54 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-12 15:53 - 2022-01-12 15:53 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-12 15:53 - 2022-01-12 15:53 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-12 15:35 - 2022-01-12 15:35 - 000000000 ___HD C:\$WinREAgent
2022-01-10 09:52 - 2022-01-10 09:52 - 000012269 _____ C:\Users\User\Desktop\ČESTNÉ PROHLÁŠENÍ.odt
2022-01-10 07:23 - 2022-01-10 07:23 - 000010468 _____ C:\Users\User\Desktop\elektřina.odt
2022-01-09 08:19 - 2022-01-09 08:19 - 000000000 ____D C:\Users\User\AppData\Roaming\Neos Eureka S.r.l
2022-01-06 17:13 - 2022-01-15 07:39 - 000013263 _____ C:\Users\User\Documents\Tabulka splátek.ods

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-04 17:51 - 2021-12-19 14:39 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-04 17:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-04 17:37 - 2021-12-19 13:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-04 17:11 - 2021-12-19 13:48 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-04 17:11 - 2019-12-07 15:41 - 000719322 _____ C:\WINDOWS\system32\perfh005.dat
2022-02-04 17:11 - 2019-12-07 15:41 - 000145448 _____ C:\WINDOWS\system32\perfc005.dat
2022-02-04 17:11 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-04 17:05 - 2021-12-19 13:23 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-02-04 17:05 - 2021-12-19 13:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-04 17:05 - 2020-06-08 15:05 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2022-02-04 17:05 - 2020-06-08 14:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-04 17:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-04 17:05 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-04 11:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-04 08:50 - 2021-12-20 10:20 - 000025674 _____ C:\Users\User\Documents\ENERGIE1.ods
2022-02-03 12:23 - 2021-12-19 14:13 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2022-02-03 12:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-29 07:09 - 2020-09-02 07:37 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-29 07:09 - 2020-09-02 07:37 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-28 08:07 - 2021-12-19 13:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-28 08:07 - 2021-12-19 13:22 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-27 10:15 - 2021-12-19 16:45 - 000000000 ____D C:\ProgramData\firebird
2022-01-26 18:02 - 2021-12-19 14:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4183113033-1021519691-2957343654-1001
2022-01-26 18:02 - 2021-12-19 14:18 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4183113033-1021519691-2957343654-1001
2022-01-26 18:02 - 2021-12-19 13:35 - 000002378 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-25 10:46 - 2021-12-19 14:41 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-21 23:46 - 2021-12-19 14:39 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-21 23:46 - 2021-12-19 14:39 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-20 13:38 - 2021-12-19 17:09 - 000000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2022-01-19 08:34 - 2021-12-19 13:19 - 000654336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-16 09:57 - 2021-12-19 17:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-16 09:50 - 2021-12-19 15:50 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2022-01-16 09:50 - 2021-12-19 14:13 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2022-01-16 09:09 - 2021-12-19 15:47 - 000000000 ____D C:\ProgramData\Adobe
2022-01-12 16:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-12 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-12 16:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-12 15:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-01-12 15:33 - 2021-12-19 17:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-12 15:30 - 2021-12-19 17:22 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-11 19:30 - 2021-12-19 16:22 - 000000000 ____D C:\Users\User\Desktop\Nová složka
2022-01-10 07:18 - 2021-12-19 14:20 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2022-01-09 09:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-09 08:08 - 2021-12-30 08:59 - 000000000 ____D C:\Users\User\AppData\Local\ClassicShell
2022-01-09 07:40 - 2021-12-19 14:41 - 000002206 _____ C:\Users\User\Desktop\Google Chrome.lnk
2022-01-08 20:13 - 2021-12-19 19:56 - 000000000 ____D C:\Users\User\Desktop\Nová složka (2)
2022-01-08 20:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2022-01-08 20:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2022-01-08 15:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories ========

2022-01-03 10:55 - 2022-01-03 10:59 - 000003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[marvis]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by User (04-02-2022 18:18:28)
Running from C:\Users\User\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1466 (X64) (2021-12-19 13:12:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4183113033-1021519691-2957343654-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4183113033-1021519691-2957343654-503 - Limited - Disabled)
Guest (S-1-5-21-4183113033-1021519691-2957343654-501 - Limited - Disabled)
User (S-1-5-21-4183113033-1021519691-2957343654-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-4183113033-1021519691-2957343654-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
HP DeskJet 5820 series Nápověda (HKLM-x32\...\{89D0B45E-D5AC-4B97-9C7D-6F0D2308A0CA}) (Version: 36.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{9FF252C8-B146-47A2-9336-3A1A83056F51}) (Version: 36.0.39.57346 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BBF796CE-5068-47C7-8A6D-4120C0CE47E5}) (Version: 36.0.39.57346 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
LibreOffice 7.2.5.2 (HKLM\...\{4EF63F1E-7ADF-4D6E-8F9F-5E1D5CE231D1}) (Version: 7.2.5.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.76 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
Studie vylepšování produktu HP DeskJet 5820 series (HKLM\...\{CAE450AC-801B-44FC-A200-0244F6AD5479}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Tisk Obalek 3.2.2.9 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.2.9 - Mgr. Radovan Kraus)
Základní software zařízení HP DeskJet 5820 series (HKLM\...\{322E6CCD-0436-478E-A61B-EB11869234C3}) (Version: 36.1.108.65692 - Hewlett-Packard Co.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-08] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-09] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0 [2022-01-23] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4183113033-1021519691-2957343654-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=felcaaldnbdncclmgdcncolpebgiejap

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\Control Panel\Desktop\\Wallpaper -> c:\users\user\appdata\local\microsoft\windows\themes\roamedthemefiles\desktopbackground\adélka a lukáš.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{946AEE3B-6BCD-4A2D-B0A9-ED727FA46A34}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64142D4A-DF48-4E72-B5AA-9E557260E0A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B6F457C8-C167-4A58-966F-B5F239306A18}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AB71CBC-3B87-42C4-A3E2-E3A7AC43A5A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1B964C70-0B13-40AC-AB0A-D91205EA5040}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{7813F54C-0850-458B-9785-8D339FC9549A}] => (Allow) LPort=5357
FirewallRules: [{FA0D4CE0-A874-4A9A-9E37-7E13BBDA55A1}] => (Allow) C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Development Company, LP)
FirewallRules: [{7DF45A0A-A8FB-48C3-9F05-4BF9306FC6EE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{686512FF-C3CF-4828-A42E-C9AF021ADA3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{968B82B4-225B-483D-B50A-2747E41AD9CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1073DF29-4963-4A4A-9CF7-72BCEC13F8B3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54514C78-3030-4CD9-B6CC-7823E941EDF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{705D44CD-DC34-40D3-B641-6FCA6973D5CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F6B12BD-9830-4B58-A03B-ABF68BAB8075}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E7FA244-1353-4B77-9FA0-DC391BAE808A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.177.645.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A7D3AB0-D20F-48F4-8920-437296E4744F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-01-2022 15:33:59 Instalační služba modulů systému Windows
23-01-2022 11:12:16 Naplánovaný kontrolní bod
31-01-2022 15:57:09 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/16/2022 09:09:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ADelRCP.exe, verze: 21.7.20091.59174, časové razítko: 0x613979a5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000071208
ID chybujícího procesu: 0x1ed8
Čas spuštění chybující aplikace: 0x01d80ab07323e8bc
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\ADelRCP.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 0c7e78cb-534c-4f67-a418-7beefd55ad53
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/08/2022 08:14:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4560,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU00C10.log došlo k chybě -1811 (0xfffff8ed).

Error: (01/06/2022 03:25:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1415 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 18c0

Čas spuštění: 01d803093601646d

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: cb634db2-0eb3-41c5-8590-b34295183d4c

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (01/06/2022 03:25:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1415 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 17ac

Čas spuštění: 01d80309138f8e31

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: e3fb332b-018b-4d39-9356-cd9cfafd12cc

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (01/06/2022 03:24:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1415 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 820

Čas spuštění: 01d80194f5748531

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 3bcb537d-abec-4e06-8e61-322c3885d013

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/27/2021 12:08:48 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-K1KAJM8)
Description: Aplikaci nebo službu Microsoft Windows Search Filter Host nelze ukončit.

Error: (12/27/2021 11:19:56 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (12/27/2021 11:04:00 AM) (Source: MsiInstaller) (EventID: 11730) (User: DESKTOP-K1KAJM8)
Description: Produkt: LibreOffice 7.2.2.2 -- Chyba 1730.K odebrání této aplikace musíte mít oprávnění uživatele Administrator. Chcete-li tuto aplikaci odebrat, přihlaste se jako uživatel Administrator nebo požádejte o pomoc pracovníky podpory.


System errors:
=============
Error: (02/04/2022 05:00:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/04/2022 05:00:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/04/2022 05:00:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/04/2022 05:00:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/04/2022 05:00:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ESIF Upper Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/04/2022 03:37:11 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/03/2022 11:00:01 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (02/03/2022 08:05:19 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.


Windows Defender:
================
Date: 2022-02-03 17:31:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2BE1245B-43BD-48DC-B04C-5DED638B8954}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-01 17:36:28
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AA0F730F-07F7-4941-8C9B-4B6B2CA1C1F3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-02-01 08:20:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A66E5981-CE53-429C-99E5-466C13462133}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-01-29 19:32:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D03628C9-176D-4638-BF33-4172D6818EDD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-01-28 18:12:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C3953416-F87F-446F-8EED-3C3493FAF418}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-01-08 20:15:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

CodeIntegrity:
===============
Date: 2021-12-29 08:36:39
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: Insyde F.30 12/24/2019
Motherboard: HP 80C5
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 53%
Total physical RAM: 3938.27 MB
Available physical RAM: 1834.87 MB
Total Virtual: 7906.27 MB
Available Virtual: 5392.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.96 GB) (Free:145.75 GB) NTFS

\\?\Volume{9fc1eafe-d012-4dc9-ad7e-f8d138f74b3f}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{24a3231c-103f-4d3b-b955-8c24217c7389}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\...\MountPoints2: {c85e8cae-7242-11ec-8ad2-b05ada9e2109} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\...\MountPoints2: {fe142372-590b-11ec-8fdb-b05ada9e2109} - "D:\HiSuiteDownLoader.exe"
Task: {26459D85-434F-4999-9677-4C2E85CDA24F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-19] (Google LLC -> Google LLC)
Task: {C3CD99C3-7526-4284-B5DD-8AD81378C14C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-19] (Google LLC -> Google LLC)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[marvis]

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Ran by User (05-02-2022 07:06:32) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\...\MountPoints2: {c85e8cae-7242-11ec-8ad2-b05ada9e2109} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\...\MountPoints2: {fe142372-590b-11ec-8fdb-b05ada9e2109} - "D:\HiSuiteDownLoader.exe"
Task: {26459D85-434F-4999-9677-4C2E85CDA24F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-19] (Google LLC -> Google LLC)
Task: {C3CD99C3-7526-4284-B5DD-8AD81378C14C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-19] (Google LLC -> Google LLC)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c85e8cae-7242-11ec-8ad2-b05ada9e2109} => removed successfully
HKU\S-1-5-21-4183113033-1021519691-2957343654-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fe142372-590b-11ec-8fdb-b05ada9e2109} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{26459D85-434F-4999-9677-4C2E85CDA24F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26459D85-434F-4999-9677-4C2E85CDA24F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3CD99C3-7526-4284-B5DD-8AD81378C14C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3CD99C3-7526-4284-B5DD-8AD81378C14C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 59351723 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4427914 B
Edge => 0 B
Chrome => 524294686 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 28388 B
User => 2878820 B

RecycleBin => 8770231 B
EmptyTemp: => 573.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 07:07:41 ====

[Rudy]

Smazáno. Nastala změna k lepšímu?

[marvis]

Ano, je to lepší.

[Rudy]

To jsem rád. Ještě můžete defragmentovat disk.

[marvis]

Vyzkouším. Jinak děkuji moc za kontrolu a pomoc. Přeji krásný den.

[Rudy]

Hezký den i vám a nemáte zač!