Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalené PC

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
windyOMG
Návštěvník
Návštěvník
Příspěvky: 40
Registrován: 03 úno 2017 17:29

Zpomalené PC

#1 Příspěvek od windyOMG »

Děkuji za kontrolu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
Ran by hslab (administrator) on LENOVO-NB (LENOVO 80E3) (19-11-2022 14:57:24)
Running from C:\Users\hslab\Desktop
Loaded Profiles: hslab
Platform: Microsoft Windows 10 Home Version 21H2 19044.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Desktop.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_x64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atieclxx.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5060864 2015-06-16] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [184104 2021-03-09] (Mixbyte Inc -> )
HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\Run: [MicrosoftEdgeAutoLaunch_FDEFF14B1428EF1C9EBE70D8CFB93713] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3892168 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\MountPoints2: {108be47e-643d-11ec-8c52-c0389620ff28} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {072271E6-46A8-49D1-9F2C-D8A6601D801F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0FEB988D-9759-4D8B-8B58-9BE3F3E456F8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {117D2686-3122-4F3A-8C67-4E9F959B4B16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15395537-DFEB-4841-919E-14D9B4CDE582} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {196B87E7-F102-416E-9738-97C82267950B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B2CF5C4-4A63-475F-B578-73FD7ECCD5EC} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [66936 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C8F6914-4692-43B0-9D30-AE01B773CECA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {397CAF69-EB41-45B2-BFEB-81E920738CE2} - System32\Tasks\GoogleUpdateTaskMachineUA{CE6E4E99-040E-4EEA-B1F5-47933D0EF6C7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-21] (Google LLC -> Google LLC)
Task: {3B260B36-1D59-4685-B9F7-1D94309CD4C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B6EB60C-118C-41A5-969B-C63C3786192A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8576000 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E737546-9027-4068-A526-7DDFA4F40061} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [62752 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7F5EA00E-2134-4D3B-B324-EE0DD1714EC0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {84818BC5-5068-4681-A5A5-16ED72B3CB61} - System32\Tasks\GoogleUpdateTaskMachineCore{F5D7DF15-FF6C-4659-A95A-FD417C0B3742} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2021-01-21] (Google LLC -> Google LLC)
Task: {91CAD4CB-AC08-4A93-94E2-C5B61A6BE598} - System32\Tasks\CCleanerSkipUAC - hslab => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {96035874-D46A-4CC7-B82A-FB1AAF3D97DF} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1713952 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B3CBA97B-5F6A-4853-AAF1-D9C3FABC4A07} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {C846893B-4457-4C74-9B83-634527974C90} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEBB4773-ABFC-4D63-9B76-19C3F106C153} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F73B8CA6-745D-4DB0-AD53-6699CB7A2C96} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8B65CE1-78FE-47D1-B6A0-C4BF35B13D09} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {FAF0698F-85A3-42F6-A5D0-8F58B3E5A85D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [268576 2021-05-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{1e170311-bea8-4902-9cad-d706086756b2}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{94a71092-b0a8-4167-bbf8-290713d68456}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\hslab\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-19]
Edge Extension: (Outlook) - C:\Users\hslab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2021-01-21]
Edge Extension: (Word) - C:\Users\hslab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2021-01-21]
Edge Extension: (Excel) - C:\Users\hslab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2021-01-21]
Edge Extension: (PowerPoint) - C:\Users\hslab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2021-01-21]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hslab\AppData\Local\Google\Chrome\User Data\Default [2022-11-19]
CHR Notifications: Default -> hxxps://karvinsky.denik.cz; hxxps://luhacovice.pushengage.com; hxxps://sip.denik.cz; hxxps://skrz.cz; hxxps://www.knihcentrum.cz; hxxps://www.kupi.cz; hxxps://www.penize.cz; hxxps://www.sam73.cz; hxxps://www.youtube.com
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hslab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [789744 2022-05-11] (Piriform Software Ltd -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-13] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2021-03-09] (Mixbyte Inc -> Freemake)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51224 2016-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16196920 2022-11-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-19 14:57 - 2022-11-19 14:59 - 000019105 _____ C:\Users\hslab\Desktop\FRST.txt
2022-11-15 07:13 - 2022-11-15 07:13 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-11-14 17:22 - 2022-11-14 17:22 - 000010694 _____ C:\Users\hslab\Downloads\klub_data.xlsx
2022-11-14 08:37 - 2022-11-14 09:13 - 000000000 ____D C:\Users\hslab\Desktop\MILADA VLACHOP
2022-11-11 10:46 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2022-11-11 10:46 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2022-11-10 22:02 - 2022-11-10 22:02 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-11-10 22:02 - 2022-11-10 22:02 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-11-10 22:02 - 2022-11-10 22:02 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-11-10 21:55 - 2022-11-10 21:55 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-11-10 12:39 - 2022-11-10 12:39 - 000000000 ___HD C:\$WinREAgent
2022-11-06 19:48 - 2022-11-06 19:48 - 000000000 ____D C:\Users\hslab\Desktop\FOTO
2022-11-04 10:58 - 2022-11-04 10:58 - 000240037 _____ C:\Users\hslab\Downloads\faktura11964155.pdf
2022-11-01 08:08 - 2022-11-01 08:08 - 004377906 _____ C:\Users\hslab\Downloads\Backup_2022_11_01_08_08_01.xml
2022-10-31 08:16 - 2022-10-31 08:16 - 004012215 _____ C:\Users\hslab\Downloads\VID-20221031-WA0001.mp4
2022-10-29 20:32 - 2022-10-29 20:40 - 000012168 _____ C:\Users\hslab\Downloads\Nutra-bona-Ceník_2022-10-29 (1).xlsx
2022-10-29 20:32 - 2022-10-29 20:32 - 000005049 _____ C:\Users\hslab\Downloads\Nutra-bona-Ceník_2022-10-29.xlsx
2022-10-29 17:57 - 2022-10-29 17:57 - 007704576 _____ C:\Users\hslab\Downloads\Maly_ale_s_velkym.pps
2022-10-29 08:04 - 2022-10-29 08:09 - 000000000 ____D C:\MOBIL DO 28.10.2022
2022-10-25 10:55 - 2022-10-25 10:55 - 000221251 _____ C:\Users\hslab\Downloads\logo_pdf.zip
2022-10-25 10:55 - 2022-10-25 10:55 - 000081976 _____ C:\Users\hslab\Downloads\logo_jpg.zip
2022-10-25 10:55 - 2022-10-25 10:55 - 000056821 _____ C:\Users\hslab\Downloads\logo_png.zip
2022-10-25 06:50 - 2022-10-25 06:50 - 019431406 _____ C:\Users\hslab\Downloads\2022-10-22___Marta_má_narozeniny.wmv
2022-10-24 19:54 - 2022-10-24 19:55 - 000027052 _____ C:\Users\hslab\Downloads\04_EMAIL_DOPLNENY_schuzky_24.10.2022.xlsx
2022-10-24 19:07 - 2022-10-24 19:07 - 000006971 _____ C:\Users\hslab\Downloads\Vypis_732777080_2210.csv
2022-10-24 19:01 - 2022-10-24 19:01 - 000026618 _____ C:\Users\hslab\Downloads\Vypis_603437159_2210 (1).csv
2022-10-24 18:58 - 2022-10-24 18:58 - 000026618 _____ C:\Users\hslab\Downloads\Vypis_603437159_2210.csv
2022-10-24 10:34 - 2022-10-24 10:34 - 000027034 _____ C:\Users\hslab\Downloads\04_EMAIL_DOPLNENY_SEZNAM_K__1.1.2022 (2).xlsx
2022-10-24 07:04 - 2022-10-24 07:04 - 000027034 _____ C:\Users\hslab\Downloads\04_EMAIL_DOPLNENY_SEZNAM_K__1.1.2022 (1).xlsx
2022-10-23 08:41 - 2022-10-23 08:41 - 012548096 _____ C:\Users\hslab\Downloads\Kvety_-_Jirinky.pps
2022-10-23 08:40 - 2022-10-23 08:40 - 000406016 _____ C:\Users\hslab\Downloads\Sedm_nejlepsich_poloh.pps
2022-10-20 19:47 - 2022-11-19 14:14 - 000003114 _____ C:\Windows\system32\Tasks\AMDInstallLauncher

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-19 14:58 - 2022-06-15 13:20 - 000000000 ____D C:\FRST
2022-11-19 14:56 - 2022-06-22 11:40 - 000000000 ____D C:\Users\hslab\Desktop\FRST-OlderVersion
2022-11-19 14:56 - 2022-06-15 13:16 - 002375680 _____ (Farbar) C:\Users\hslab\Desktop\FRST64.exe
2022-11-19 14:53 - 2021-01-21 19:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-19 14:38 - 2021-01-21 20:51 - 000000000 ____D C:\Program Files\CCleaner
2022-11-19 14:35 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-11-19 14:22 - 2021-01-21 18:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-19 14:22 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-19 14:22 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-19 14:14 - 2021-01-21 17:09 - 000000000 ___RD C:\Users\hslab\OneDrive
2022-11-18 20:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-18 20:51 - 2021-01-21 16:47 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-18 06:41 - 2021-01-21 19:40 - 000000000 ____D C:\Users\hslab\AppData\Roaming\vlc
2022-11-17 21:48 - 2022-09-14 20:11 - 000000000 ____D C:\Users\hslab\Desktop\MIX
2022-11-17 07:43 - 2021-01-21 17:06 - 000000000 ____D C:\Users\hslab\AppData\Local\Packages
2022-11-16 13:34 - 2021-01-21 17:00 - 000000000 ____D C:\Users\hslab
2022-11-16 10:45 - 2021-01-21 17:27 - 000000000 ____D C:\Users\hslab\AppData\Local\D3DSCache
2022-11-15 22:07 - 2021-10-07 12:29 - 000000000 ____D C:\Users\hslab\AppData\Roaming\Audacity
2022-11-15 19:17 - 2021-12-11 18:25 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2026098395-3944541080-1485957733-1001
2022-11-15 19:17 - 2021-01-21 17:09 - 000003368 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2026098395-3944541080-1485957733-1001
2022-11-15 19:17 - 2021-01-21 17:00 - 000002396 _____ C:\Users\hslab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-15 07:23 - 2022-01-16 17:45 - 000000000 ____D C:\Program Files\TeamViewer
2022-11-15 07:22 - 2021-01-21 17:10 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2022-11-15 07:22 - 2021-01-21 16:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-15 07:22 - 2021-01-21 16:47 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-15 07:22 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-11-14 08:42 - 2022-01-16 16:31 - 000000000 ____D C:\Users\hslab\AppData\Local\AMD_Common
2022-11-13 10:09 - 2021-01-21 19:48 - 000000000 ____D C:\Program Files\Microsoft Office
2022-11-13 09:58 - 2021-01-21 18:55 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-13 09:58 - 2021-01-21 18:55 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 11:06 - 2021-01-21 16:48 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-11-11 11:01 - 2021-01-21 16:58 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-11 11:01 - 2019-12-07 15:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-11-11 11:01 - 2019-12-07 15:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-11-11 10:54 - 2021-01-21 16:47 - 000295000 _____ C:\Windows\system32\FNTCACHE.DAT
2022-11-11 10:51 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-11-11 10:51 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-11-11 10:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-11-11 10:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-11-11 10:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-11-11 10:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-11-11 10:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-11-11 10:45 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-11 10:25 - 2021-01-21 19:34 - 000002262 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-11 10:25 - 2021-01-21 19:34 - 000002221 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-10 21:55 - 2021-01-21 16:50 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-11-09 20:22 - 2021-01-21 17:13 - 000000000 ____D C:\Windows\system32\MRT
2022-11-09 20:03 - 2021-01-21 17:12 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-10-24 05:29 - 2022-04-26 14:12 - 000000000 ____D C:\MOBIL DO 26.4.2022
2022-10-24 05:20 - 2022-06-14 18:17 - 000000000 ____D C:\Users\hslab\AppData\Local\CrashDumps

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================













Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by hslab (19-11-2022 15:02:42)
Running from C:\Users\hslab\Desktop
Microsoft Windows 10 Home Version 21H2 19044.2251 (X64) (2021-01-21 15:56:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2026098395-3944541080-1485957733-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2026098395-3944541080-1485957733-503 - Limited - Disabled)
Guest (S-1-5-21-2026098395-3944541080-1485957733-501 - Limited - Disabled)
hslab (S-1-5-21-2026098395-3944541080-1485957733-1001 - Administrator - Enabled) => C:\Users\hslab
WDAGUtilityAccount (S-1-5-21-2026098395-3944541080-1485957733-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.5.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Branding64 (HKLM\...\{C871FC62-0186-40ED-BAEA-7C65BE367755}) (Version: 1.00.0006 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Excel (HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Converter verze 4.1.12 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.12 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.42 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\Proplus2019Retail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\OneDriveSetup.exe) (Version: 22.225.1026.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PowerPoint (HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.35.9 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Word (HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zoom (HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
Animotica -> C:\Program Files\WindowsApps\24711Mixilab.Animotica_1.1.106.0_x64__c39s816dkej80 [2021-07-20] (Mixilab)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-19] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-19] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-16] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0 [2022-11-13] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\hslab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm
ShortcutWithArgument: C:\Users\hslab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\hslab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\hslab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi

==================== Loaded Modules (Whitelisted) =============

2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-01-21 19:48 - 2021-01-21 19:48 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-01-21 19:48 - 2021-01-21 19:48 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000262144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-03-09 19:48 - 2021-03-09 19:48 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2026098395-3944541080-1485957733-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_A4A22E1E990B403F8FDEAD60A6435ADF"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2340180F-B7EF-4D9D-BDE4-7F58B8721D9D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC35B716-F8D5-4E27-8B83-B94EAA7779A9}] => (Allow) LPort=2869
FirewallRules: [{CACE63B4-019F-4222-9D59-46121E9763D5}] => (Allow) LPort=1900
FirewallRules: [{08DF4FE8-80C3-4EEB-AFB2-769CB30E8D0E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8F5FF774-F376-4C53-8FC9-F7CECCAF66D2}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{86B3CAA5-57EB-40CE-8C41-5ABA6C433C81}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{21731D93-E389-4C05-87D5-9F4946EB9095}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8F20B3D9-2538-406E-AD83-07E7610B49D3}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FE09CB79-A55A-41E9-AC23-7A73CC9C4BBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5FC2D49C-6E8D-4722-B7BC-AFFB4F9046CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D61B261C-5530-4640-9BFE-C7F75C837138}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F241CBDA-9FC8-49A8-B385-65A9E707D340}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AA931933-372B-4060-A2A1-01E422ED74D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69D04418-4071-41B4-8DA4-105528557BC7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{975ABE03-F5BF-4F2C-B1ED-35FFBA04F57C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{28D24623-8F31-4165-BB6B-1E4EDD110D6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.198.691.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CA52782F-423C-4C87-9BFE-6FEE2AB5FBAF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CD50EFD6-984B-4C3D-8D61-33386D0BAE89}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D422F9BD-49C0-4236-9D85-BB4EA1739EEC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{887B17D5-7C2F-436C-831B-ABF41B7F3349}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49D533A3-7082-4C39-ACE6-6AC886B8F64B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

29-10-2022 19:52:50 Naplánovaný kontrolní bod
09-11-2022 20:27:42 Instalační služba modulů systému Windows
10-11-2022 12:36:39 Instalační služba modulů systému Windows
10-11-2022 20:43:23 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 528, identifikátor PID ProfSvc: 1284.

Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3112, identifikátor PID ProfSvc: 1284.

Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3112, identifikátor PID ProfSvc: 1284.

Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1444, identifikátor PID ProfSvc: 1284.

Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\SecurityHealthService.exe, identifikátor PID: 7832, identifikátor PID ProfSvc: 1284.

Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3112, identifikátor PID ProfSvc: 1284.

Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 528, identifikátor PID ProfSvc: 1284.

Error: (11/17/2022 07:39:45 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 528, identifikátor PID ProfSvc: 1284.


System errors:
=============
Error: (11/19/2022 02:40:24 PM) (Source: DCOM) (EventID: 10000) (User: LENOVO-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/19/2022 02:24:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5005463).

Error: (11/17/2022 09:23:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5005463).

Error: (11/17/2022 08:21:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5005463).

Error: (11/16/2022 10:42:50 AM) (Source: DCOM) (EventID: 10010) (User: LENOVO-NB)
Description: Server {283EDD52-69B2-473D-BEB6-2C0B4C01FD73} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/15/2022 08:08:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/15/2022 08:08:38 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (11/15/2022 08:07:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): 2022-04 Aktualizace pro Windows 10 Version 21H2 pro systémy typu x64 (KB5005463).


Windows Defender:
================
Date: 2022-11-19 15:02:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Vigram.A
Závažnost: Vysoké
Kategorie: Program měnící nastavení
Cesta: file:_C:\Users\hslab\Downloads\windows-movie-maker.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LENOVO-NB\hslab
Název procesu: C:\Users\hslab\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.379.558.0, AS: 1.379.558.0, NIS: 1.379.558.0
Verze modulu: AM: 1.1.19800.4, NIS: 1.1.19800.4

Date: 2022-11-19 14:27:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7801EC51-95D1-4D4E-BB54-BCAFAFCF5FCE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-18 18:50:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EC177A55-D86A-486D-B86E-5BD03C8E7093}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-17 21:31:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2003EF4-2509-47F6-A3E7-C5BD31CD3A31}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-16 11:24:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5B0F10AD-B31B-4889-87C8-164DFE3B353D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2022-10-30 23:03:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.377.965.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-10-30 23:03:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.377.965.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2022-10-24 06:23:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.377.710.0
Předchozí verze bezpečnostních informací: 1.377.658.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19700.3
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80508001
Popis chyby: Potíže neumožňují spuštění programu. Nainstalujte všechny dostupné aktualizace a zkuste daný program spustit znovu. Informace o instalaci aktualizací najdete v nápovědě a podpoře.

Date: 2022-10-24 06:23:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.377.710.0
Předchozí verze bezpečnostních informací: 1.377.658.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.19700.3
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80508001
Popis chyby: Potíže neumožňují spuštění programu. Nainstalujte všechny dostupné aktualizace a zkuste daný program spustit znovu. Informace o instalaci aktualizací najdete v nápovědě a podpoře.

Date: 2022-10-24 06:22:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.377.658.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19700.3
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2022-11-15 08:09:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-11 11:05:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-03 13:50:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-31 07:57:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-12 19:24:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO A2CN25WW(V1.07) 08/26/2014
Motherboard: LENOVO Lancer 5B2
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 88%
Total physical RAM: 3544.26 MB
Available physical RAM: 418.69 MB
Total Virtual: 7128.26 MB
Available Virtual: 1291.86 MB

==================== Drives ================================

Drive c: (Windows 10 Home) (Fixed) (Total:380.18 GB) (Free:181.45 GB) (Model: ST1000LM014-SSHD-8GB) NTFS
Drive d: (Data) (Fixed) (Total:550.65 GB) (Free:114.77 GB) (Model: ST1000LM014-SSHD-8GB) NTFS

\\?\Volume{6b3c4cd3-82bb-4c43-b610-70bbc5f1bc71}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{a5c04a5e-bc67-4703-a115-bb7cd1311f69}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1DCA14AA)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Zpomalené PC

#2 Příspěvek od JaRon »

Ahoj,
aka je velkost adresara plocha/desktop :???:
Ak presahuje 1GB poupratuj
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

ota
Návštěvník
Návštěvník
Příspěvky: 112
Registrován: 15 říj 2007 20:50

Re: Zpomalené PC

#3 Příspěvek od ota »

ahoj
Desktop 50,4 kB (51 690 bajtů)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Zpomalené PC

#4 Příspěvek od JaRon »

Prescanuj PC s MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

ota
Návštěvník
Návštěvník
Příspěvky: 112
Registrován: 15 říj 2007 20:50

Re: Zpomalené PC

#5 Příspěvek od ota »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 20.11.22
Čas skenování: 17:37
Logovací soubor: abbbef6e-68f1-11ed-b69f-d8cb8a1d41f7.json

-Informace o softwaru-
Verze: 4.5.17.221
Verze komponentů: 1.0.1806
Aktualizovat verzi balíku komponent: 1.0.62557
Licence: Vypršelo

-Systémová informace-
OS: Windows 10 (Build 19045.2311)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-TTIU2E3\Ota

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 388108
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 30 min, 58 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Zpomalené PC

#6 Příspěvek od JaRon »

PC vypada OK
Zataz RAM v logu bol 88% pozri aktualny stav, prip. co ju najviac zatazuje
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

ota
Návštěvník
Návštěvník
Příspěvky: 112
Registrován: 15 říj 2007 20:50

Re: Zpomalené PC

#7 Příspěvek od ota »

Výstřižek ze správce úloh v příloze.
Přílohy
Paměť.png
Paměť.png (42.2 KiB) Zobrazeno 544 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Zpomalené PC

#8 Příspěvek od JaRon »

To je v norme
Preventivne s prikazoveho riadku spusteneho ako spravca spust
sfc /scannow
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

windyOMG
Návštěvník
Návštěvník
Příspěvky: 40
Registrován: 03 úno 2017 17:29

Re: Zpomalené PC

#9 Příspěvek od windyOMG »

Jenom chci upozornit, že si ota popletl vlákno :)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Zpomalené PC

#10 Příspěvek od JaRon »

:( netusim, kde sa tu vzal
Postupne reaguj na moje otazky polozene vo vlakne
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

ota
Návštěvník
Návštěvník
Příspěvky: 112
Registrován: 15 říj 2007 20:50

Re: Zpomalené PC

#11 Příspěvek od ota »

Moc se omlouvám, otevřel jsem skutečně jiné vlákno. Ještě jednou sorry

Odpovědět