Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

velmi zpomalený notebook

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Musclefish
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 03 pro 2006 10:06

velmi zpomalený notebook

#1 Příspěvek od Musclefish »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-11-2022
Ran by kluch (administrator) on DESKTOP-HOME (Dell Inc. Latitude E6530) (20-11-2022 13:09:09)
Running from C:\Users\kluch\Desktop
Loaded Profiles: kluch
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(C:\Program Files\DellTPad\HidMonitorSvc.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [736552 2015-05-29] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711328 2022-06-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1685381F-B4AC-4D94-85DF-D1FB62382D31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2AEFA4AA-E997-495E-85A8-8EFEA3B39A59} - System32\Tasks\RtHDVBg_LENOVO_MICPKEY => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-07-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {30FE64AC-A669-4FF0-92FC-CF22141D8F24} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {43ABDD57-5B43-423C-A90D-C393127261BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {54CC14DB-719F-4391-8BAA-83DC40092BB5} - System32\Tasks\GoogleUpdateTaskMachineUA{F8B5663C-6937-4631-B853-FF62AD9FE0BD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-11-05] (Google LLC -> Google LLC)
Task: {555F9549-B649-4CFB-998B-978E9D9606EE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {606A79CF-B289-46DB-928B-CF0B40870A9B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154376 2022-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C9A65A5-FD62-4E23-8785-15534E2B2A39} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D808697-58D2-4F08-A8FB-FB3A22162300} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b7ffd1e6-bcde-4775-b801-0b788911db77" --version "6.04.10044" --silent
Task: {7DD7FAA9-8C32-4E8A-8128-D78CC3F4105C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {847B4D1F-DF57-4537-A564-05CA3EF0B427} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {85142087-7B31-4F54-86E4-E92B41D6725A} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {8A089977-53EB-4053-931E-47A7ADE8047B} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1867612653-4038428619-1474417653-1004 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {B7634D78-6D3A-47BE-B8B7-707AC25CBBE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D027CEFE-1BE3-4048-A818-893FA286C340} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D4EB2D3D-C2CB-435B-A0C3-3866E33B3C96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E08A60C8-C348-48AD-A061-B30B328777B2} - System32\Tasks\GoogleUpdateTaskMachineCore{DB680756-F223-4A1D-A8CF-021B56A6E8AD} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-11-05] (Google LLC -> Google LLC)
Task: {ED0F6EB8-7372-43E5-B939-29788EBAEE50} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6637512 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFD78A7E-1AC0-4D24-A104-A1BFEADB563D} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe [2930208 2017-05-30] (Dell Inc -> Dell Inc.)
Task: {FDBB3DE4-98A3-4A24-B169-588B8DCCF135} - System32\Tasks\CCleanerSkipUAC - kluch => C:\Program Files\CCleaner\CCleaner64.exe $(Arg0) (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: HTML script in Hosts detected. See Hosts section of Addition.txt <==== ATTENTION
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.10.10.10 8.8.8.8
Tcpip\..\Interfaces\{1628a578-e39f-4560-b6c7-d76bbd2bc9ae}: [DhcpNameServer] 172.16.0.90 172.16.0.91 172.16.0.92
Tcpip\..\Interfaces\{699fdee2-378e-4b09-abee-cb8329ba9801}: [DhcpNameServer] 10.10.10.10 8.8.8.8
Tcpip\..\Interfaces\{8048a9ea-2625-40ea-ae48-5476aa9a701e}: [DhcpNameServer] 192.168.95.1 8.8.8.8

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\kluch\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-15]
Edge DefaultSearchURL: Default -> hxxps://search-dur.com/gosrch/?uid=e5715da9&i=100&sc=1&q={searchTerms}
Edge DefaultSearchKeyword: Default -> smsearch
Edge DefaultNewTabURL: Default -> hxxps://search-dur.com/ntab/chrome/?uid=e5715da9&i=100&sc=2
Edge DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?query={searchT ... e}&PC=U316
Edge Extension: (Chrome PDF Plugin) - C:\Users\kluch\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cdklkehakandkgnhnjnbpnnngiohpchj [2022-09-28]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2022-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2022-11-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\kluch\AppData\Local\Google\Chrome\User Data\Default [2022-11-20]
CHR Notifications: Default -> hxxps://answear.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://mail.ru/cnt/10445?gp=818410
CHR Extension: (Chrome PDF Plugin) - C:\Users\kluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdklkehakandkgnhnjnbpnnngiohpchj [2022-09-28]
CHR Extension: (Tampermonkey) - C:\Users\kluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\kluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kluch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96000 2015-09-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12515768 2022-11-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [16128 2015-06-03] (LENOVO -> Lenovo)
S3 MpKsl4bf6578a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B45ECF8A-2646-4E31-8541-5363B1A83871}\MpKslDrv.sys [214280 2022-11-20] (Microsoft Windows -> Microsoft Corporation)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-20 13:09 - 2022-11-20 13:09 - 000017874 _____ C:\Users\kluch\Desktop\FRST.txt
2022-11-20 13:09 - 2022-11-20 13:09 - 000000000 ____D C:\FRST
2022-11-20 13:06 - 2022-11-20 13:06 - 002375680 _____ (Farbar) C:\Users\kluch\Desktop\FRST64.exe
2022-11-20 12:54 - 2022-11-20 12:54 - 000001681 _____ C:\ProgramData\MacOS_monkee3y3fdjsuUhuda78qhiIOJd4dD.vbs
2022-11-20 12:51 - 2022-11-20 12:51 - 000000000 ____D C:\Users\kluch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2022-11-13 07:48 - 2022-11-13 07:48 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-13 07:48 - 2022-11-13 07:48 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-13 07:48 - 2022-11-13 07:48 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-13 07:48 - 2022-11-13 07:48 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-13 07:41 - 2022-11-13 07:41 - 000000000 ___HD C:\$WinREAgent
2022-11-05 14:36 - 2022-11-05 14:36 - 000168144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-11-05 14:36 - 2022-11-05 14:36 - 000000000 ____D C:\Program Files (x86)\Java
2022-11-05 14:16 - 2022-11-11 07:52 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-05 14:15 - 2022-11-05 14:15 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{F8B5663C-6937-4631-B853-FF62AD9FE0BD}
2022-11-05 14:15 - 2022-11-05 14:15 - 000003426 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{DB680756-F223-4A1D-A8CF-021B56A6E8AD}

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-20 13:09 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-20 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-20 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-20 12:56 - 2020-11-11 10:17 - 001605812 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-20 12:56 - 2019-12-07 15:43 - 000683504 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-20 12:56 - 2019-12-07 15:43 - 000137284 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-20 12:53 - 2018-06-21 10:29 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-20 12:51 - 2020-11-11 10:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-20 12:51 - 2020-11-11 10:07 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-20 12:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-20 12:51 - 2018-08-06 18:36 - 000000000 ___RD C:\Users\kluch\OneDrive
2022-11-20 12:51 - 2018-08-06 18:34 - 000000000 __SHD C:\Users\kluch\IntelGraphicsProfiles
2022-11-20 12:47 - 2020-08-13 22:19 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-19 12:15 - 2020-11-11 10:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-19 07:33 - 2022-10-14 06:40 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-11-15 14:21 - 2019-09-11 09:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-11-13 20:36 - 2022-09-28 15:46 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-13 20:36 - 2020-11-11 10:07 - 000436144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-13 20:36 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-13 20:35 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-13 20:35 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-13 20:35 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-13 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-13 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-13 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-13 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-13 20:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-13 07:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-13 07:48 - 2020-11-11 10:12 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-13 07:34 - 2019-01-27 10:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-13 07:32 - 2019-01-27 10:44 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-12 18:28 - 2018-06-21 10:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-12 18:27 - 2021-12-28 09:28 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1867612653-4038428619-1474417653-1004
2022-11-12 18:27 - 2020-11-11 10:15 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1867612653-4038428619-1474417653-1004
2022-11-12 18:27 - 2020-11-11 10:09 - 000002388 _____ C:\Users\kluch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-11 07:51 - 2020-11-11 10:15 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-11 07:51 - 2020-11-11 10:15 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-06 11:09 - 2020-09-28 14:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-05 14:36 - 2022-09-28 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-11-05 14:16 - 2022-09-28 16:29 - 000000000 ____D C:\Program Files\Google
2022-11-05 13:52 - 2022-09-28 15:46 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-03 18:25 - 2022-10-14 06:40 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2022-10-21 06:41 - 2022-09-28 15:46 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== Files in the root of some directories ========

2022-11-20 12:54 - 2022-11-20 12:54 - 000001681 _____ () C:\ProgramData\MacOS_monkee3y3fdjsuUhuda78qhiIOJd4dD.vbs
2022-09-28 14:33 - 2022-09-28 14:33 - 001869824 _____ () C:\Users\kluch\AppData\Roaming\d21o6Kxn.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2022
Ran by kluch (20-11-2022 13:10:32)
Running from C:\Users\kluch\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) (2020-11-11 09:15:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1867612653-4038428619-1474417653-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1867612653-4038428619-1474417653-503 - Limited - Disabled)
Guest (S-1-5-21-1867612653-4038428619-1474417653-501 - Limited - Disabled)
kluch (S-1-5-21-1867612653-4038428619-1474417653-1004 - Administrator - Enabled) => C:\Users\kluch
WDAGUtilityAccount (S-1-5-21-1867612653-4038428619-1474417653-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20282 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.1 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.109 - ALPS ELECTRIC CO., LTD.)
EaseUS Data Recovery Wizard Technician 13.6 (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: 13.6 - lrepacks.ru)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{205AE40D-8AD7-4F29-A430-DD2168DA562D}) (Version: 14.5.0.1081 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Java 8 Update 341 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Kodi (HKU\S-1-5-21-1867612653-4038428619-1474417653-1004\...\Kodi) (Version: 19.3.0.0 - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.52 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1867612653-4038428619-1474417653-1004\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Project - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visio - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.15726.20202 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1867612653-4038428619-1474417653-1004\...\ZoomUMX) (Version: 5.8.0 (1324) - Zoom Video Communications, Inc.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.26.33.0_x64__kgqvnymyfvs32 [2022-11-11] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2400.2.0_x64__kgqvnymyfvs32 [2022-11-11] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.231.400.0_x64__kgqvnymyfvs32 [2022-11-16] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_16.0.5.0_x86__m9bz608c1b9ra [2022-10-09] (Nordcurrent)
Dragon Mania Legends -> C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_7.0.101.0_x64__h6adky7gbf63m [2022-10-16] (Gameloft SE)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.51.5102.0_x86__ytsefhwckbdv6 [2022-11-15] (G5 Entertainment AB)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa [2022-11-05] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-11-15] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1867612653-4038428619-1474417653-1004_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2022-06-15] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-09-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\ssv.dll [2022-11-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_341\bin\jp2ssv.dll [2022-11-05] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 00:38 - 2022-11-20 12:53 - 000002638 __RSH C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 clients.google.com
127.0.0.1 clients0.google.com
127.0.0.1 clients1.google.com
127.0.0.1 clients2.google.com
127.0.0.1 clients3.google.com
127.0.0.1 clients4.google.com
127.0.0.1 clients5.google.com
127.0.0.1 clients6.google.com
127.0.0.1 clients7.google.com
127.0.0.1 clients8.google.com
127.0.0.1 clients9.google.com# Piriform Blocker Key Verificator
127.0.0.1 license.piriform.com
127.0.0.1 www.license.piriform.com
127.0.0.1 speccy.piriform.com
127.0.0.1 www.speccy.piriform.com
127.0.0.1 recuva.piriform.com
127.0.0.1 www.recuva.piriform.com
127.0.0.1 defraggler.piriform.com
127.0.0.1 www.defraggler.piriform.com
127.0.0.1 ccleaner.piriform.com
127.0.0.1 www.ccleaner.piriform.com
127.0.0.1 license-api.ccleaner.com

2020-11-12 11:48 - 2020-11-15 16:52 - 000000441 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 Desktop-Home.mshome.net # 2025 11 5 14 15 52 36 624

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1867612653-4038428619-1474417653-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\kluch\Downloads\20220414_155342.jpg
DNS Servers: 10.10.10.10 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A46A1557-A51A-4EF6-97A6-3CC42616A807}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{5EFA24F4-9D3D-43DD-A831-EA6276197E83}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{DFB7DF06-C5FF-445F-869D-9B85581EB3D8}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{6924A4AF-D0E9-4101-8064-55432E903B2C}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{75E650E2-2335-4A69-883D-975ECC926A91}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9F3BD64-BDFA-4EF7-ADEE-3C5B4F7322E0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C2C4CA9F-2441-45AA-AEC0-D5F68812F53D}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [UDP Query User{31DA17C0-5EC0-465F-82D1-D8202888CF5A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [{07B90180-D927-4D3E-BEB4-BB2B85B36F9F}] => (Allow) C:\Users\kluch\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{0A53D04B-2E87-46B8-B1A3-4322478C09B3}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{DAF2AACF-C866-4881-991D-BCDDBBE73223}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{B2C2753E-D553-4A01-B0DF-843A9054A5D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C6E9790E-213B-45DB-BBAF-BB91C080901A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{577933F4-3716-432B-B73F-F31A116D9441}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{05C0DEA9-30F2-4BC3-A4D2-14E8A6C57FAA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2097B437-CAF2-44CE-8E0D-CEF8AE33C4BF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8996728B-2C10-46E8-B88A-4268CE8652B3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{60B523F9-8595-4DE0-BE2A-847F126F2230}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F712B027-BC0A-44B5-8212-92F582D6D0DF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{91871BD4-703D-4651-BE75-98C15CAF45D0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DDD0D179-AD09-44E9-A517-AF80DE2874DF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92F8B949-1A61-4657-A9FB-D7D2C618E18B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12126.1.57048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0A5E95AA-4A43-4BF4-AF5F-E1D6432B9F65}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C9B06CC1-C198-48C6-9D49-B1D69A2731F6}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.24 GB) (Free:66.47 GB) (56%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/20/2022 12:53:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.5.0.1081, časové razítko: 0x556ecc3d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x059724ed
ID chybujícího procesu: 0x2774
Čas spuštění chybující aplikace: 0x01d8fcd6b1e1e3dc
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4448fc83-5093-43e8-92e8-4d4ea30f4c67
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/20/2022 12:53:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IAStorDataMgrSvc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
na IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
na IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/20/2022 12:48:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2193 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 15dc

Čas spuštění: 01d8fcd5db41c835

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: b2b1f38e-94ef-4d32-b46b-ccdeac8d4b72

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/20/2022 12:47:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.2193 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2fa8

Čas spuštění: 01d8fcd5b076095e

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: fab8f538-b27a-42b5-affb-3bf61b1fca27

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/15/2022 02:20:55 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-HOME)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.

Error: (11/14/2022 01:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.5.0.1081, časové razítko: 0x556ecc3d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x057c24ed
ID chybujícího procesu: 0x1cec
Čas spuštění chybující aplikace: 0x01d8f82463cb407a
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: fbb77ea0-1942-405f-bcff-a4fe404897aa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/14/2022 01:27:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IAStorDataMgrSvc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
na IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
na IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/05/2022 09:31:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.5.0.1081, časové razítko: 0x556ecc3d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0588e78d
ID chybujícího procesu: 0x226c
Čas spuštění chybující aplikace: 0x01d8f0f10d5b9049
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3b42ff3d-d0dc-4817-9b14-615f8c681323
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/20/2022 12:53:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/20/2022 12:51:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:40:55, ‎19.‎11.‎2022) bylo neočekávané.

Error: (11/19/2022 09:48:44 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/19/2022 08:30:11 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/19/2022 07:52:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/18/2022 09:04:41 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/18/2022 05:15:09 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/18/2022 08:37:43 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
================
Date: 2022-11-19 07:51:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {52C0594E-77CA-4CC7-A469-A1D5C3D08310}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-17 09:08:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9343588B-BBE5-49B1-AA2C-B6809FCB7A6D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-16 17:51:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CAF18919-AEE7-4AFF-A9FC-C040336EC607}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-12 18:45:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2388CB6D-BC7C-42A1-8DEB-2579CF8F4356}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2022-11-05 07:59:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E5CFDEAB-B96A-4120-BDAD-50F7D8C768F3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2022-11-15 08:27:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-11-11 08:13:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-10-21 08:02:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-09-29 19:50:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-08-16 07:56:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A21 02/21/2018
Motherboard: Dell Inc. 0JC5MT
Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 75%
Total physical RAM: 3998.92 MB
Available physical RAM: 981.62 MB
Total Virtual: 5854.92 MB
Available Virtual: 2519.88 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118.24 GB) (Free:66.47 GB) (Model: SAMSUNG SSD PM830 2.5" 7mm 128GB) NTFS

\\?\Volume{9212a161-0000-0000-0000-100000000000}\ (System) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{9212a161-0000-0000-0000-c0ae1d000000}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 9212A161)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=522 MB) - (Type=27)

==================== End of Addition.txt =======================


Děkuji

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: velmi zpomalený notebook

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Musclefish
Návštěvník
Návštěvník
Příspěvky: 50
Registrován: 03 pro 2006 10:06

Re: velmi zpomalený notebook

#3 Příspěvek od Musclefish »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-14-2022
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.2251)
# Cleaned: 11
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\restoro.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Local AppWizard-Generated Applications\Restoro
Deleted HKCU\Software\Restoro
Deleted HKCU\Software\Restoro Key
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}
Deleted HKLM\Software\Restoro
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C661BE9A-11D8-47DD-A980-6494B09F3AF3}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2892 octets] - [14/12/2022 10:20:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: velmi zpomalený notebook

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět