Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zpomaleny Ntb

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

zpomaleny Ntb

#1 Příspěvek od FrantaC »

Dobry den. Prosim o kontrolu logu , Ntb je pomalejsi nez hlemyzd !
Dekuji .

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2023
Ran by Leona (administrator) on PC (Hewlett-Packard HP 15 Notebook PC) (24-05-2023 19:52:32)
Running from C:\Users\Leona\Desktop\FRST64.exe
Loaded Profiles: Leona
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(C:\Program Files (x86)\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\98.0.4759.39\opera_crashreporter.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\opera.exe <32>
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3970456 2023-05-16] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\Run: [MicrosoftEdgeAutoLaunch_C9456A310EBF7C41FF0A29F051DB1E61] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152216 2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\Users\Leona Vavřinová1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2015-07-07]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {002093C8-5DC2-49A2-B910-E1B3AED9EBA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0528B8DB-FEA3-431C-9DED-1F1C5CF5BD8A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1267A5B8-B4FC-4C3B-BD9D-3BE2461AFD2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {14CB6448-A7DC-41BF-9420-3292F2C84E65} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1FAA7680-EB69-48DB-82D6-0DB082F85FE6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2BCDB61D-77DE-4A4F-9BBF-A6A54AA8E561} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2D814D45-BF34-438E-AEFB-19F57E370938} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {3851B45C-50E8-4B60-990C-32AFE56FDEFE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {387CFC9B-2F6A-41CD-A47A-D8E80D57D3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {446BE331-C0C8-4D27-BE3D-B5BED3789851} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {49AAC156-55B5-4BA8-9679-02B800E9BB4C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {59412D9F-3D92-4E29-9A2D-B9505182AECF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {5C260B4A-527A-43D1-BEEF-FCE023B58287} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6B011543-7375-495A-A388-7E7C502C50EA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {6BB6DE55-2B83-44E8-B1F1-812D07D215FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {76D7E029-AF27-417B-B43B-447883E8A0A2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {79D92F21-8FC4-4BFA-9D8B-D91C336E3159} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {7B9900F5-A596-4225-8FBC-06D0E0764DEA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-04-04] (HP Inc. -> HP Inc.)
Task: {859F589C-ACAF-4FAD-AC37-3FA0A989A804} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1003 -> No File <==== ATTENTION
Task: {868B84A6-D742-42ED-AF05-8C7CEDC0D09D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8C5C47B8-52BD-41A3-BD26-884C8A594F4E} - System32\Tasks\Opera scheduled Autoupdate 1422188948 => C:\Program Files (x86)\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software)
Task: {95AD2304-920B-4414-8474-B82F1264625C} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {9C0FCF4B-3197-420C-9DEE-F1C0635A8F68} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1FA4DF8-79C4-478B-8622-D08496106BA4} - System32\Tasks\G2MUploadTask-S-1-5-21-1067854488-1616466786-2691910615-1001 => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A2758D71-7662-407B-AF16-744312328D6F} - System32\Tasks\G2MUpdateTask-S-1-5-21-1067854488-1616466786-2691910615-1001 => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {ADDD9823-04C8-4051-A0DF-7765DF03AE46} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4397144 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {BC3049BF-8850-422C-B690-F7381D57196A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582995124 => C:\Program Files (x86)\Opera\launcher.exe [2675616 2023-05-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {BEBDC119-4547-4B1B-9A05-C75544E190F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C17B41E5-7497-48E1-91C8-C811200C6F34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D74FF736-DA82-4FDC-9778-07CFE2B3C67A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DDA709F9-19A6-4D65-B573-4A329F9276F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E000B16E-C1FE-4679-86FB-67BEF511B631} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1001 -> No File <==== ATTENTION
Task: {E2A55C7D-B9E5-43D9-B571-35D7C38BA468} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E6E68354-6E53-44FC-8E8C-4A0BC0C323E5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [159583304 2023-05-12] (Microsoft Windows -> Microsoft Corporation)
Task: {E7A5E8F6-CB0A-4100-AB25-E47228B0BBC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E826BE25-C44E-4AB5-B5C1-659FF227A413} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3616520 2016-03-31] (McAfee, Inc. -> McAfee, Inc.)
Task: {EAE609CA-B65B-4787-8B54-AC0BABD6C064} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-04-04] (HP Inc. -> HP Inc.)
Task: {EC105C9F-1346-4769-9285-BF1DEFF148BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FE95DA2A-AC6B-45B1-BA12-73820163A167} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1067854488-1616466786-2691910615-1001.job => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1067854488-1616466786-2691910615-1001.job => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4306bc2f-104c-43a9-9687-dd380912c706}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ef05e134-7d5f-4452-936c-b55ca564de0d}: [DhcpNameServer] 80.87.176.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\Leona\Downloads
Edge Notifications: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001 -> hxxps://www.lide.cz
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Leona\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-18]
Edge DownloadDir: Default -> C:\Users\Leona\Downloads
Edge Notifications: Default -> hxxps://www.lide.cz
Edge Extension: (Edge relevant text changes) - C:\Users\Leona\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR Profile: C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable [2023-05-24]
OPR Notifications: Opera Stable -> hxxps://www.exasoft.cz; hxxps://www.gourmetkava.cz; hxxps://www.knihcentrum.cz; hxxps://www.lide.cz; hxxps://www.luxor.cz; hxxps://www.megaknihy.cz; hxxps://www.prolekarniky.cz
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-11]
OPR Extension: (Opera Wallet) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
OPR Extension: (Opera AI Prompts) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [858064 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [857032 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [853920 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [856992 2023-04-04] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-24 19:37 - 2023-05-24 19:42 - 000044078 _____ C:\Users\Leona\Desktop\Addition.txt
2023-05-24 19:29 - 2023-05-24 19:56 - 000022391 _____ C:\Users\Leona\Desktop\FRST.txt
2023-05-24 19:28 - 2023-05-24 19:55 - 000000000 ____D C:\FRST
2023-05-24 19:26 - 2023-05-24 19:26 - 002382848 _____ (Farbar) C:\Users\Leona\Desktop\FRST64.exe
2023-05-24 14:55 - 2023-05-24 14:55 - 014198072 _____ C:\Users\Leona\Desktop\registry-clean-expert.exe
2023-05-21 22:10 - 2023-05-21 22:10 - 000000000 ___HD C:\$WinREAgent
2023-05-10 13:58 - 2023-05-10 13:58 - 000488346 _____ C:\Users\Leona\Downloads\PastedGraphic-2.tiff
2023-05-09 19:23 - 2023-05-09 19:23 - 000000769 _____ C:\Users\Leona\Desktop\Dokumenty – zástupce.lnk
2023-05-01 22:17 - 2023-05-23 09:01 - 000002388 _____ C:\Users\Leona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-24 18:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-24 11:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-05-24 11:29 - 2017-09-20 20:39 - 000000000 ____D C:\Users\Leona\Documents\Youcam
2023-05-24 11:26 - 2020-09-27 09:53 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-24 11:26 - 2020-09-27 09:53 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-24 11:24 - 2016-06-03 16:54 - 000000000 __SHD C:\Users\Leona\IntelGraphicsProfiles
2023-05-24 11:22 - 2020-09-27 09:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-24 11:22 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-24 11:21 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-24 10:43 - 2022-05-15 23:14 - 000000000 ____D C:\Program Files\ruxim
2023-05-23 22:04 - 2020-09-27 07:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-05-23 09:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-23 09:01 - 2022-05-26 21:26 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1067854488-1616466786-2691910615-1001
2023-05-23 09:01 - 2022-05-26 21:26 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1067854488-1616466786-2691910615-1001
2023-05-23 08:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-21 22:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-18 11:18 - 2022-05-26 21:06 - 001841736 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-18 11:18 - 2019-12-07 16:41 - 000752106 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-18 11:18 - 2019-12-07 16:41 - 000162644 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-18 11:10 - 2020-09-27 07:50 - 000486520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-18 11:10 - 2015-01-25 14:27 - 000000000 ____D C:\Program Files (x86)\Opera
2023-05-18 11:08 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-18 11:07 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-17 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-05-17 09:48 - 2023-04-22 07:46 - 000004168 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582995124
2023-05-15 09:57 - 2022-05-16 21:22 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-13 19:46 - 2020-09-27 09:53 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-12 21:25 - 2015-01-30 00:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-12 20:41 - 2020-09-27 09:53 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 20:41 - 2020-09-27 09:53 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-12 20:22 - 2015-01-30 00:51 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-10 14:25 - 2022-10-18 22:08 - 000003944 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1422188948
2023-05-10 14:25 - 2022-10-18 22:06 - 000001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-05-09 19:42 - 2019-09-14 06:46 - 000000000 ____D C:\Users\Leona\AppData\Local\D3DSCache
2023-05-09 19:23 - 2015-01-25 11:13 - 000000000 ___RD C:\Users\Leona\OneDrive
2023-05-03 11:34 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-24 11:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-04-24 11:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-04-24 11:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-04-24 11:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-04-24 11:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-04-24 11:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-04-24 10:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

==================== Files in the root of some directories ========

2015-07-07 18:42 - 2015-07-07 18:55 - 016258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2020-01-14 17:07 - 2020-08-28 06:00 - 000004608 _____ () C:\Users\Leona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-11-14 19:06 - 2022-11-14 19:06 - 000000017 _____ () C:\Users\Leona\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny Ntb

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#3 Příspěvek od FrantaC »

Provedeno , zde je LOG :

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-06-2023
# Duration: 00:00:06
# OS: Windows 10 (Build 19045.2965)
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izito.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.izito.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izito.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.izito.com
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7400 octets] - [06/06/2023 14:28:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny Ntb

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#5 Příspěvek od FrantaC »

Novy log zde :
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-06-2023
# Duration: 00:00:06
# OS: Windows 10 (Build 19045.2965)
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izito.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.izito.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izito.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.izito.com
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7400 octets] - [06/06/2023 14:28:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#6 Příspěvek od FrantaC »

takze oprava , LOG zde :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2023
Ran by Leona (administrator) on PC (Hewlett-Packard HP 15 Notebook PC) (06-06-2023 15:04:40)
Running from C:\Users\Leona\Desktop\FRST64.exe
Loaded Profiles: Leona
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\99.0.4788.24\opera_crashreporter.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\opera.exe <16>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3970456 2023-05-16] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\Run: [MicrosoftEdgeAutoLaunch_C9456A310EBF7C41FF0A29F051DB1E61] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Leona\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Leona\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [Uninstall 23.091.0430.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Leona\AppData\Local\Microsoft\OneDrive\23.091.0430.0001" (No File)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\Users\Leona Vavřinová1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2015-07-07]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {002093C8-5DC2-49A2-B910-E1B3AED9EBA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0528B8DB-FEA3-431C-9DED-1F1C5CF5BD8A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1267A5B8-B4FC-4C3B-BD9D-3BE2461AFD2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {14CB6448-A7DC-41BF-9420-3292F2C84E65} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1FAA7680-EB69-48DB-82D6-0DB082F85FE6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2BCDB61D-77DE-4A4F-9BBF-A6A54AA8E561} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2D814D45-BF34-438E-AEFB-19F57E370938} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {3851B45C-50E8-4B60-990C-32AFE56FDEFE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {387CFC9B-2F6A-41CD-A47A-D8E80D57D3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {446BE331-C0C8-4D27-BE3D-B5BED3789851} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4516CA01-3EE7-4C2D-B93F-2786BCFF8144} - System32\Tasks\Opera scheduled Autoupdate 1422188948 => C:\Program Files (x86)\Opera\launcher.exe [2707360 2023-05-24] (Opera Norway AS -> Opera Software)
Task: {48DF34BA-CE85-4B8E-A00F-7C2D78D2DD9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49AAC156-55B5-4BA8-9679-02B800E9BB4C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {59412D9F-3D92-4E29-9A2D-B9505182AECF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {6B011543-7375-495A-A388-7E7C502C50EA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {76D7E029-AF27-417B-B43B-447883E8A0A2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {79D92F21-8FC4-4BFA-9D8B-D91C336E3159} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {7B9900F5-A596-4225-8FBC-06D0E0764DEA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-04-04] (HP Inc. -> HP Inc.)
Task: {859F589C-ACAF-4FAD-AC37-3FA0A989A804} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1003 -> No File <==== ATTENTION
Task: {868B84A6-D742-42ED-AF05-8C7CEDC0D09D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {95AD2304-920B-4414-8474-B82F1264625C} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {99FF3CA2-12DB-4BAE-AD04-4AC84C7CA0F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1FA4DF8-79C4-478B-8622-D08496106BA4} - System32\Tasks\G2MUploadTask-S-1-5-21-1067854488-1616466786-2691910615-1001 => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A2758D71-7662-407B-AF16-744312328D6F} - System32\Tasks\G2MUpdateTask-S-1-5-21-1067854488-1616466786-2691910615-1001 => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {ADDD9823-04C8-4051-A0DF-7765DF03AE46} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4397144 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {BC3049BF-8850-422C-B690-F7381D57196A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582995124 => C:\Program Files (x86)\Opera\launcher.exe [2707360 2023-05-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {BEBDC119-4547-4B1B-9A05-C75544E190F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C17B41E5-7497-48E1-91C8-C811200C6F34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C5345263-6519-41B4-8ED4-79F30B7B345A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DDA709F9-19A6-4D65-B573-4A329F9276F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E000B16E-C1FE-4679-86FB-67BEF511B631} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1001 -> No File <==== ATTENTION
Task: {E2A55C7D-B9E5-43D9-B571-35D7C38BA468} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E6E68354-6E53-44FC-8E8C-4A0BC0C323E5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [159583304 2023-05-12] (Microsoft Windows -> Microsoft Corporation)
Task: {E7A5E8F6-CB0A-4100-AB25-E47228B0BBC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E826BE25-C44E-4AB5-B5C1-659FF227A413} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3616520 2016-03-31] (McAfee, Inc. -> McAfee, Inc.)
Task: {EAE609CA-B65B-4787-8B54-AC0BABD6C064} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-04-04] (HP Inc. -> HP Inc.)
Task: {EC105C9F-1346-4769-9285-BF1DEFF148BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F76B2DC4-1AA8-4C93-804F-2714883D4E02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE95DA2A-AC6B-45B1-BA12-73820163A167} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1067854488-1616466786-2691910615-1001.job => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1067854488-1616466786-2691910615-1001.job => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4306bc2f-104c-43a9-9687-dd380912c706}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ef05e134-7d5f-4452-936c-b55ca564de0d}: [DhcpNameServer] 80.87.176.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\Leona\Downloads
Edge Notifications: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001 -> hxxps://www.lide.cz
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Leona\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-18]
Edge DownloadDir: Default -> C:\Users\Leona\Downloads
Edge Notifications: Default -> hxxps://www.lide.cz
Edge Extension: (Edge relevant text changes) - C:\Users\Leona\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR Profile: C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable [2023-06-06]
OPR Notifications: Opera Stable -> hxxps://www.exasoft.cz; hxxps://www.gourmetkava.cz; hxxps://www.knihcentrum.cz; hxxps://www.lide.cz; hxxps://www.luxor.cz; hxxps://www.megaknihy.cz; hxxps://www.prolekarniky.cz
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-11]
OPR Extension: (Opera Wallet) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
OPR Extension: (Opera AI Prompts) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [858064 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [857032 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [853920 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [856992 2023-04-04] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc. -> HP Inc.)
S2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe [3228464 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe [133592 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498984 2023-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-06 15:04 - 2023-06-06 15:09 - 000021719 _____ C:\Users\Leona\Desktop\FRST.txt
2023-06-06 15:04 - 2023-06-06 15:04 - 000000000 ____D C:\Users\Leona\Desktop\FRST-OlderVersion
2023-06-06 14:26 - 2023-06-06 14:30 - 000000000 ____D C:\AdwCleaner
2023-06-06 14:25 - 2023-06-06 14:25 - 008791352 _____ (Malwarebytes) C:\Users\Leona\Desktop\adwcleaner.exe
2023-06-06 14:21 - 2023-06-06 14:21 - 000000000 ____D C:\ProgramData\PLUG
2023-05-24 19:37 - 2023-05-24 20:03 - 000044078 _____ C:\Users\Leona\Desktop\Addition.txt
2023-05-24 19:28 - 2023-06-06 15:07 - 000000000 ____D C:\FRST
2023-05-24 19:26 - 2023-06-06 15:04 - 002383360 _____ (Farbar) C:\Users\Leona\Desktop\FRST64.exe
2023-05-24 14:55 - 2023-05-24 14:55 - 014198072 _____ C:\Users\Leona\Desktop\registry-clean-expert.exe
2023-05-21 22:10 - 2023-05-21 22:10 - 000000000 ___HD C:\$WinREAgent
2023-05-10 13:58 - 2023-05-10 13:58 - 000488346 _____ C:\Users\Leona\Downloads\PastedGraphic-2.tiff
2023-05-09 19:23 - 2023-05-09 19:23 - 000000769 _____ C:\Users\Leona\Desktop\Dokumenty – zástupce.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-06 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-06 14:29 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-05 20:16 - 2020-09-27 07:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-04 19:50 - 2020-09-27 09:53 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-04 19:50 - 2020-09-27 09:53 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-04 19:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-04 19:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-04 19:17 - 2023-05-01 22:17 - 000002388 _____ C:\Users\Leona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-04 19:17 - 2022-05-26 21:26 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1067854488-1616466786-2691910615-1001
2023-06-04 19:17 - 2022-05-26 21:26 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1067854488-1616466786-2691910615-1001
2023-06-04 19:05 - 2015-01-25 14:27 - 000000000 ____D C:\Program Files (x86)\Opera
2023-05-25 14:46 - 2022-10-18 22:08 - 000003944 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1422188948
2023-05-25 14:46 - 2022-10-18 22:06 - 000001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-05-24 11:29 - 2017-09-20 20:39 - 000000000 ____D C:\Users\Leona\Documents\Youcam
2023-05-24 11:24 - 2016-06-03 16:54 - 000000000 __SHD C:\Users\Leona\IntelGraphicsProfiles
2023-05-24 11:22 - 2020-09-27 09:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-24 11:22 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-24 11:21 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-24 10:43 - 2022-05-15 23:14 - 000000000 ____D C:\Program Files\ruxim
2023-05-23 08:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-21 22:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-18 11:18 - 2022-05-26 21:06 - 001841736 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-18 11:18 - 2019-12-07 16:41 - 000752106 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-18 11:18 - 2019-12-07 16:41 - 000162644 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-18 11:10 - 2020-09-27 07:50 - 000486520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-18 11:08 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-18 11:07 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-17 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-05-17 09:48 - 2023-04-22 07:46 - 000004168 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582995124
2023-05-15 09:57 - 2022-05-16 21:22 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-13 19:46 - 2020-09-27 09:53 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-12 21:25 - 2015-01-30 00:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-12 20:41 - 2020-09-27 09:53 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 20:41 - 2020-09-27 09:53 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-12 20:22 - 2015-01-30 00:51 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-09 19:42 - 2019-09-14 06:46 - 000000000 ____D C:\Users\Leona\AppData\Local\D3DSCache
2023-05-09 19:23 - 2015-01-25 11:13 - 000000000 ___RD C:\Users\Leona\OneDrive

==================== Files in the root of some directories ========

2015-07-07 18:42 - 2015-07-07 18:55 - 016258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2020-01-14 17:07 - 2020-08-28 06:00 - 000004608 _____ () C:\Users\Leona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-11-14 19:06 - 2022-11-14 19:06 - 000000017 _____ () C:\Users\Leona\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#7 Příspěvek od FrantaC »

takze oprava , LOG zde :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2023
Ran by Leona (administrator) on PC (Hewlett-Packard HP 15 Notebook PC) (06-06-2023 15:04:40)
Running from C:\Users\Leona\Desktop\FRST64.exe
Loaded Profiles: Leona
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\99.0.4788.24\opera_crashreporter.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Opera Norway AS -> Opera Software) C:\Program Files (x86)\Opera\opera.exe <16>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3970456 2023-05-16] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\Run: [MicrosoftEdgeAutoLaunch_C9456A310EBF7C41FF0A29F051DB1E61] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Leona\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Leona\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [Uninstall 23.091.0430.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Leona\AppData\Local\Microsoft\OneDrive\23.091.0430.0001" (No File)
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-03-07] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\Users\Leona Vavřinová1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2015-07-07]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {002093C8-5DC2-49A2-B910-E1B3AED9EBA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0528B8DB-FEA3-431C-9DED-1F1C5CF5BD8A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1267A5B8-B4FC-4C3B-BD9D-3BE2461AFD2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {14CB6448-A7DC-41BF-9420-3292F2C84E65} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1FAA7680-EB69-48DB-82D6-0DB082F85FE6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2BCDB61D-77DE-4A4F-9BBF-A6A54AA8E561} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2D814D45-BF34-438E-AEFB-19F57E370938} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {3851B45C-50E8-4B60-990C-32AFE56FDEFE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {387CFC9B-2F6A-41CD-A47A-D8E80D57D3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {446BE331-C0C8-4D27-BE3D-B5BED3789851} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {4516CA01-3EE7-4C2D-B93F-2786BCFF8144} - System32\Tasks\Opera scheduled Autoupdate 1422188948 => C:\Program Files (x86)\Opera\launcher.exe [2707360 2023-05-24] (Opera Norway AS -> Opera Software)
Task: {48DF34BA-CE85-4B8E-A00F-7C2D78D2DD9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49AAC156-55B5-4BA8-9679-02B800E9BB4C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {59412D9F-3D92-4E29-9A2D-B9505182AECF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {6B011543-7375-495A-A388-7E7C502C50EA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {76D7E029-AF27-417B-B43B-447883E8A0A2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {79D92F21-8FC4-4BFA-9D8B-D91C336E3159} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [339008 2013-03-12] (CyberLink Corp. -> CyberLink Corp.)
Task: {7B9900F5-A596-4225-8FBC-06D0E0764DEA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-04-04] (HP Inc. -> HP Inc.)
Task: {859F589C-ACAF-4FAD-AC37-3FA0A989A804} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1003 -> No File <==== ATTENTION
Task: {868B84A6-D742-42ED-AF05-8C7CEDC0D09D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {95AD2304-920B-4414-8474-B82F1264625C} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: {99FF3CA2-12DB-4BAE-AD04-4AC84C7CA0F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1FA4DF8-79C4-478B-8622-D08496106BA4} - System32\Tasks\G2MUploadTask-S-1-5-21-1067854488-1616466786-2691910615-1001 => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A2758D71-7662-407B-AF16-744312328D6F} - System32\Tasks\G2MUpdateTask-S-1-5-21-1067854488-1616466786-2691910615-1001 => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {ADDD9823-04C8-4051-A0DF-7765DF03AE46} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4397144 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {BC3049BF-8850-422C-B690-F7381D57196A} - System32\Tasks\Opera scheduled assistant Autoupdate 1582995124 => C:\Program Files (x86)\Opera\launcher.exe [2707360 2023-05-24] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {BEBDC119-4547-4B1B-9A05-C75544E190F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C17B41E5-7497-48E1-91C8-C811200C6F34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C5345263-6519-41B4-8ED4-79F30B7B345A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DDA709F9-19A6-4D65-B573-4A329F9276F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E000B16E-C1FE-4679-86FB-67BEF511B631} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1001 -> No File <==== ATTENTION
Task: {E2A55C7D-B9E5-43D9-B571-35D7C38BA468} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E6E68354-6E53-44FC-8E8C-4A0BC0C323E5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [159583304 2023-05-12] (Microsoft Windows -> Microsoft Corporation)
Task: {E7A5E8F6-CB0A-4100-AB25-E47228B0BBC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E826BE25-C44E-4AB5-B5C1-659FF227A413} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3616520 2016-03-31] (McAfee, Inc. -> McAfee, Inc.)
Task: {EAE609CA-B65B-4787-8B54-AC0BABD6C064} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-04-04] (HP Inc. -> HP Inc.)
Task: {EC105C9F-1346-4769-9285-BF1DEFF148BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F76B2DC4-1AA8-4C93-804F-2714883D4E02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE95DA2A-AC6B-45B1-BA12-73820163A167} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-1067854488-1616466786-2691910615-1001.job => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-1067854488-1616466786-2691910615-1001.job => C:\Users\Leona\AppData\Local\GoToMeeting\19950\g2mupload.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4306bc2f-104c-43a9-9687-dd380912c706}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{ef05e134-7d5f-4452-936c-b55ca564de0d}: [DhcpNameServer] 80.87.176.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\Leona\Downloads
Edge Notifications: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001 -> hxxps://www.lide.cz
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Leona\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-18]
Edge DownloadDir: Default -> C:\Users\Leona\Downloads
Edge Notifications: Default -> hxxps://www.lide.cz
Edge Extension: (Edge relevant text changes) - C:\Users\Leona\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR Profile: C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable [2023-06-06]
OPR Notifications: Opera Stable -> hxxps://www.exasoft.cz; hxxps://www.gourmetkava.cz; hxxps://www.knihcentrum.cz; hxxps://www.lide.cz; hxxps://www.luxor.cz; hxxps://www.megaknihy.cz; hxxps://www.prolekarniky.cz
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-11]
OPR Extension: (Opera Wallet) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-24]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-16]
OPR Extension: (Opera AI Prompts) - C:\Users\Leona\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-18] (Andrea Electronics -> Andrea Electronics Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer FREE\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [858064 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [857032 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [853920 2023-04-04] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [856992 2023-04-04] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-26] (HP Inc. -> HP Inc.)
S2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe [3228464 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe [133592 2023-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498984 2023-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-06 15:04 - 2023-06-06 15:09 - 000021719 _____ C:\Users\Leona\Desktop\FRST.txt
2023-06-06 15:04 - 2023-06-06 15:04 - 000000000 ____D C:\Users\Leona\Desktop\FRST-OlderVersion
2023-06-06 14:26 - 2023-06-06 14:30 - 000000000 ____D C:\AdwCleaner
2023-06-06 14:25 - 2023-06-06 14:25 - 008791352 _____ (Malwarebytes) C:\Users\Leona\Desktop\adwcleaner.exe
2023-06-06 14:21 - 2023-06-06 14:21 - 000000000 ____D C:\ProgramData\PLUG
2023-05-24 19:37 - 2023-05-24 20:03 - 000044078 _____ C:\Users\Leona\Desktop\Addition.txt
2023-05-24 19:28 - 2023-06-06 15:07 - 000000000 ____D C:\FRST
2023-05-24 19:26 - 2023-06-06 15:04 - 002383360 _____ (Farbar) C:\Users\Leona\Desktop\FRST64.exe
2023-05-24 14:55 - 2023-05-24 14:55 - 014198072 _____ C:\Users\Leona\Desktop\registry-clean-expert.exe
2023-05-21 22:10 - 2023-05-21 22:10 - 000000000 ___HD C:\$WinREAgent
2023-05-10 13:58 - 2023-05-10 13:58 - 000488346 _____ C:\Users\Leona\Downloads\PastedGraphic-2.tiff
2023-05-09 19:23 - 2023-05-09 19:23 - 000000769 _____ C:\Users\Leona\Desktop\Dokumenty – zástupce.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-06 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-06 14:29 - 2020-09-27 09:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-05 20:16 - 2020-09-27 07:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-04 19:50 - 2020-09-27 09:53 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-04 19:50 - 2020-09-27 09:53 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-04 19:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-04 19:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-04 19:17 - 2023-05-01 22:17 - 000002388 _____ C:\Users\Leona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-04 19:17 - 2022-05-26 21:26 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1067854488-1616466786-2691910615-1001
2023-06-04 19:17 - 2022-05-26 21:26 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1067854488-1616466786-2691910615-1001
2023-06-04 19:05 - 2015-01-25 14:27 - 000000000 ____D C:\Program Files (x86)\Opera
2023-05-25 14:46 - 2022-10-18 22:08 - 000003944 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1422188948
2023-05-25 14:46 - 2022-10-18 22:06 - 000001162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-05-24 11:29 - 2017-09-20 20:39 - 000000000 ____D C:\Users\Leona\Documents\Youcam
2023-05-24 11:24 - 2016-06-03 16:54 - 000000000 __SHD C:\Users\Leona\IntelGraphicsProfiles
2023-05-24 11:22 - 2020-09-27 09:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-05-24 11:22 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-24 11:21 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-24 10:43 - 2022-05-15 23:14 - 000000000 ____D C:\Program Files\ruxim
2023-05-23 08:59 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-21 22:37 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-05-18 11:18 - 2022-05-26 21:06 - 001841736 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-05-18 11:18 - 2019-12-07 16:41 - 000752106 _____ C:\WINDOWS\system32\perfh005.dat
2023-05-18 11:18 - 2019-12-07 16:41 - 000162644 _____ C:\WINDOWS\system32\perfc005.dat
2023-05-18 11:10 - 2020-09-27 07:50 - 000486520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-18 11:08 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-18 11:07 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-05-18 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-17 12:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-05-17 09:48 - 2023-04-22 07:46 - 000004168 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582995124
2023-05-15 09:57 - 2022-05-16 21:22 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-13 19:46 - 2020-09-27 09:53 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-05-12 21:25 - 2015-01-30 00:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-12 20:41 - 2020-09-27 09:53 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 20:41 - 2020-09-27 09:53 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-12 20:22 - 2015-01-30 00:51 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-09 19:42 - 2019-09-14 06:46 - 000000000 ____D C:\Users\Leona\AppData\Local\D3DSCache
2023-05-09 19:23 - 2015-01-25 11:13 - 000000000 ___RD C:\Users\Leona\OneDrive

==================== Files in the root of some directories ========

2015-07-07 18:42 - 2015-07-07 18:55 - 016258616 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2020-01-14 17:07 - 2020-08-28 06:00 - 000004608 _____ () C:\Users\Leona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-11-14 19:06 - 2022-11-14 19:06 - 000000017 _____ () C:\Users\Leona\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny Ntb

#8 Příspěvek od Rudy »

Rudy píše: 06 čer 2023 13:51 OK. Dejte nové logy FRST+Addition.
Nikde nevidím log Additin. Měl by být na ploše v souboru addition.txt. Prosím doplňte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#9 Příspěvek od FrantaC »

Zde chybejici addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by Leona (06-06-2023 15:14:01)
Running from C:\Users\Leona\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2022-05-26 19:27:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1067854488-1616466786-2691910615-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1067854488-1616466786-2691910615-503 - Limited - Disabled)
Guest (S-1-5-21-1067854488-1616466786-2691910615-501 - Limited - Disabled)
Leona (S-1-5-21-1067854488-1616466786-2691910615-1001 - Administrator - Enabled) => C:\Users\Leona
WDAGUtilityAccount (S-1-5-21-1067854488-1616466786-2691910615-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.2 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer FREE v.1.0.0 (HKLM-x32\...\{4209F371-8668-980C-19C9-F8698AB75135}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
FreeCommander XE (HKLM-x32\...\{C43DA88C-4A65-4579-8E4B-21F2954E9ECB}) (Version: 19.0.790 - Marek Jasinski - www.FreeCommander.com)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (HKLM\...\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}) (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Recovery Manager (HKLM-x32\...\{FD49537C-C3A6-4F8D-93E6-68C778A1E192}) (Version: 12.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM\...\{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard) Hidden
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.18.34.21 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{2D6248C0-4693-4CAB-9922-F05E4015F62A}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{6307E820-0317-4DCE-AAE0-7B6CAD867055}) (Version: 1.0.0.1064 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.2.1.2 (HKLM\...\{942CC03C-C118-4250-BD81-7BBB53A57FCE}) (Version: 7.2.1.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\OneDriveSetup.exe) (Version: 23.101.0514.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Opera Stable 99.0.4788.24 (HKLM-x32\...\Opera 99.0.4788.24) (Version: 99.0.4788.24 - Opera Software)
Photo Common (HKLM-x32\...\{140754E1-C019-44A9-A81B-2D7625AABE8A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{0F929651-F516-4956-90F2-FFBD2CD5D30E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows Live Communications Platform (HKLM-x32\...\{03D562B5-C4E2-4846-A920-33178788BE00}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9976E0BD-56A6-4A32-8597-B80FCE62063A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{FA29B84F-8306-4A62-A340-F2C41305E7AF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{E3445598-4424-4EE2-B71C-C23325F7FB71}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{6B6923B9-8719-425B-916C-CD2908F31AAF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{10640F6D-6AB0-401E-9FC6-A94D19C580BC}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{28950295-A98C-4081-AC82-045E9879945E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Zoom (HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2023-03-31] (Box, Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.244.300.0_x64__kgqvnymyfvs32 [2023-06-04] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.945.0_x64__rz1tebttyb220 [2023-05-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-03] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-05-23] (Microsoft Corporation)
Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2017-04-11] (Google Inc)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-01-29] (Hewlett-Packard Company)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.25.18.0_x64__v10z8vjag6ke6 [2023-04-09] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-18] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-18] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-18] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0 [2023-05-28] (Spotify AB) [Startup Task]
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2016-06-03] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-01-29] (CYBERLINKCOM CORP)
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-04] (Hewlett-Packard Company)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Leona\AppData\Local\GoToMeeting\19932\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {5F57C5D2-57CC-46B9-B612-44DE846CD8B2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {5F57C5D2-57CC-46B9-B612-44DE846CD8B2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001 -> {2654D766-CA48-4DD1-95F0-86B6776D648F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001 -> {5F57C5D2-57CC-46B9-B612-44DE846CD8B2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-04-04] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-04-04] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C9456A310EBF7C41FF0A29F051DB1E61"
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C7B53A58-FCF2-4AFF-91E5-2E392B04663C}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{EC7B65BF-6282-4101-B119-5D5EC4F70EDA}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{450E0297-4329-4B1D-AA7B-94CE828FF89E}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{0BC08927-8A1C-4A3D-B5B8-E2A1CF2387DD}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{BD4C8856-2F0B-4479-9C1B-59DC2D5BD571}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{34709CA4-3BBE-4CB3-A642-06A3964E7C46}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{8FCDC5EB-065C-4386-A5D7-39876461603C}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D5C7B4F6-5D0C-4AFB-8CDD-635BFF0BD32E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{93900CE7-ABAB-499E-A74A-E3EBE38E738F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A3A1EBE4-9E83-4B1D-BA25-B303A62A7E5E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{FE8A4B65-B3AF-4B63-8B3A-907F55B6E406}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{92FACFDC-54C5-4B2E-A65C-859C46E18D92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{DE1708BB-A927-42B3-8318-BC283A581F95}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{818D8657-2257-4596-A939-C354F928241B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3F00D10F-6E00-4422-8412-E1793ECB8837}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3B64094E-51D8-4D1E-A668-427F0655A231}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{80201664-F6D7-4602-BE4C-C54E606A74B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17A84DB5-D069-42F1-B2F7-C83282490A19}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB96E1DA-544F-4CA6-BC52-4D341928A7FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD3A53FF-7C52-445C-80B6-6BEEE9D13847}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File
FirewallRules: [{A5FC073B-36DB-4A08-8730-6ED44EEF5756}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File
FirewallRules: [{3C285737-2CFA-4A55-AF5A-158F30C33FF0}] => (Allow) C:\Users\Leona\AppData\Local\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{6B6A0432-47A4-4EBE-9E3A-8AA8DE2EF398}] => (Allow) C:\Users\Leona\AppData\Local\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{70D0CBED-23EF-4B29-BB1C-08AA0AA47E01}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{888FE608-493A-4376-8F7A-CFF7ADD78E05}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{48B3F4CC-CFBB-4C49-9AFD-BD35CCC02F06}] => (Allow) LPort=1900
FirewallRules: [{50BAC705-4DDC-4E09-AB98-337881F214E9}] => (Allow) LPort=2869
FirewallRules: [{C1041840-BC9B-490A-9AEC-BC364F6B61A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3F35143-F913-48DC-A70B-6A3FE6D0CBFE}] => (Allow) C:\Program Files (x86)\Opera\98.0.4759.39\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{3923E77A-BE64-456E-ACB7-8783539D2EF4}] => (Allow) C:\Program Files (x86)\Opera\99.0.4788.24\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{727FAF58-5117-4D43-AA33-4658616C136F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{51034B24-CAC8-4043-87FC-CD736E4390AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B965840B-6FF5-48F8-B972-70F59008EB0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4F3C840-8563-4E5F-9E1E-89FA51B5C7D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{356C3549-0B34-48E4-A184-9A4FBEFD0D60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8BC1033-7713-4424-B31B-1C2E93BD580B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DCE15878-4AB2-4028-9201-AEFE278280CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E920A654-2B81-44F1-8065-D1C938E58AA1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{71212195-FD5F-4E89-9A4B-B3BC904150F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D08276A9-05C4-4260-84F7-48EAF37C4D27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A25660E5-28B0-407B-BAA1-D2642DF7D471}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

18-04-2023 08:58:50 Instalační služba modulů systému Windows
12-05-2023 21:30:07 Instalační služba modulů systému Windows
23-05-2023 08:48:56 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/05/2023 08:16:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname PC.local already in use; will try PC-2.local instead

Error: (06/05/2023 08:16:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 PC.local. Addr 169.254.11.217

Error: (06/05/2023 08:16:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.161:5353 4 PC.local. Addr 192.168.0.161

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 12 1.0.0.127.in-addr.arpa. PTR PC-2.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353 10 1.0.0.127.in-addr.arpa. PTR PC.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 12 2.A.3.8.1.7.9.3.3.3.9.2.2.2.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PC-2.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:7622:2933:3971:83A2:5353 10 2.A.3.8.1.7.9.3.3.3.9.2.2.2.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PC.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname PC.local already in use; will try PC-2.local instead


System errors:
=============
Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP SimplePass Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HPWMISVC byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP App Helper HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Network HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Diagnostics HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-03-26 22:57:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3AD7995B-B8DB-49D0-92AD-E045C5487DE6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-25 17:44:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {38184A45-F545-4DE4-8862-9218B417EC57}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Event[0]:

Date: 2023-06-04 19:10:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.445.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-06-04 19:10:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.445.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-05-17 10:05:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1334.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-05-17 10:05:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1334.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-05-17 10:05:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1334.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

==================== Memory info ===========================

BIOS: Insyde F.23 09/19/2014
Motherboard: Hewlett-Packard 2213
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 76%
Total physical RAM: 3984.27 MB
Available physical RAM: 928.34 MB
Total Virtual: 7056.27 MB
Available Virtual: 3506.64 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:446.66 GB) (Free:362.46 GB) (Model: ST500LT012-1DG142) NTFS
Drive d: (RECOVERY) (Fixed) (Total:17.11 GB) (Free:1.67 GB) (Model: ST500LT012-1DG142) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{35064ba6-0b62-4049-bcef-eabd045cf5fc}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS
\\?\Volume{33ec051c-8920-4cc7-8d01-bb2ad29dd224}\ () (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{e469488e-14c2-4bb8-a5ad-6c8ff8acb9c6}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6DA15431)

Partition: GPT.

==================== End of Addition.txt =======================

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#10 Příspěvek od FrantaC »

Zde chybejici addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by Leona (06-06-2023 15:14:01)
Running from C:\Users\Leona\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2022-05-26 19:27:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1067854488-1616466786-2691910615-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1067854488-1616466786-2691910615-503 - Limited - Disabled)
Guest (S-1-5-21-1067854488-1616466786-2691910615-501 - Limited - Disabled)
Leona (S-1-5-21-1067854488-1616466786-2691910615-1001 - Administrator - Enabled) => C:\Users\Leona
WDAGUtilityAccount (S-1-5-21-1067854488-1616466786-2691910615-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.2 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer FREE v.1.0.0 (HKLM-x32\...\{4209F371-8668-980C-19C9-F8698AB75135}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
FreeCommander XE (HKLM-x32\...\{C43DA88C-4A65-4579-8E4B-21F2954E9ECB}) (Version: 19.0.790 - Marek Jasinski - www.FreeCommander.com)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (HKLM\...\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}) (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Recovery Manager (HKLM-x32\...\{FD49537C-C3A6-4F8D-93E6-68C778A1E192}) (Version: 12.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM\...\{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard) Hidden
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.18.34.21 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{2D6248C0-4693-4CAB-9922-F05E4015F62A}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{6307E820-0317-4DCE-AAE0-7B6CAD867055}) (Version: 1.0.0.1064 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.2.1.2 (HKLM\...\{942CC03C-C118-4250-BD81-7BBB53A57FCE}) (Version: 7.2.1.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\OneDriveSetup.exe) (Version: 23.101.0514.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Opera Stable 99.0.4788.24 (HKLM-x32\...\Opera 99.0.4788.24) (Version: 99.0.4788.24 - Opera Software)
Photo Common (HKLM-x32\...\{140754E1-C019-44A9-A81B-2D7625AABE8A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{0F929651-F516-4956-90F2-FFBD2CD5D30E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7156 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows Live Communications Platform (HKLM-x32\...\{03D562B5-C4E2-4846-A920-33178788BE00}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9976E0BD-56A6-4A32-8597-B80FCE62063A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{FA29B84F-8306-4A62-A340-F2C41305E7AF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{E3445598-4424-4EE2-B71C-C23325F7FB71}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{6B6923B9-8719-425B-916C-CD2908F31AAF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{10640F6D-6AB0-401E-9FC6-A94D19C580BC}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{28950295-A98C-4081-AC82-045E9879945E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Zoom (HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2023-03-31] (Box, Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.244.300.0_x64__kgqvnymyfvs32 [2023-06-04] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.945.0_x64__rz1tebttyb220 [2023-05-11] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-03] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-05-23] (Microsoft Corporation)
Google -> C:\Program Files\WindowsApps\GoogleInc.GoogleSearch_2.1.19.0_x64__yfg5n0ztvskxp [2017-04-11] (Google Inc)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-01-29] (Hewlett-Packard Company)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.25.18.0_x64__v10z8vjag6ke6 [2023-04-09] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-18] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-18] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-18] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0 [2023-05-28] (Spotify AB) [Startup Task]
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2015.1108.1.0_x64__t3yemqpq4kp7p [2016-06-03] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-04] (Microsoft Corporation)
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-01-29] (CYBERLINKCOM CORP)
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-04] (Hewlett-Packard Company)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Leona\AppData\Local\GoToMeeting\19932\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-10-17] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {5F57C5D2-57CC-46B9-B612-44DE846CD8B2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {5F57C5D2-57CC-46B9-B612-44DE846CD8B2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001 -> {2654D766-CA48-4DD1-95F0-86B6776D648F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001 -> {5F57C5D2-57CC-46B9-B612-44DE846CD8B2} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-04-04] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-04-04] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_C9456A310EBF7C41FF0A29F051DB1E61"
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C7B53A58-FCF2-4AFF-91E5-2E392B04663C}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{EC7B65BF-6282-4101-B119-5D5EC4F70EDA}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{450E0297-4329-4B1D-AA7B-94CE828FF89E}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{0BC08927-8A1C-4A3D-B5B8-E2A1CF2387DD}C:\program files (x86)\opera\opera.exe] => (Block) C:\program files (x86)\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{BD4C8856-2F0B-4479-9C1B-59DC2D5BD571}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{34709CA4-3BBE-4CB3-A642-06A3964E7C46}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{8FCDC5EB-065C-4386-A5D7-39876461603C}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D5C7B4F6-5D0C-4AFB-8CDD-635BFF0BD32E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{93900CE7-ABAB-499E-A74A-E3EBE38E738F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A3A1EBE4-9E83-4B1D-BA25-B303A62A7E5E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{FE8A4B65-B3AF-4B63-8B3A-907F55B6E406}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{92FACFDC-54C5-4B2E-A65C-859C46E18D92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{DE1708BB-A927-42B3-8318-BC283A581F95}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{818D8657-2257-4596-A939-C354F928241B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3F00D10F-6E00-4422-8412-E1793ECB8837}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3B64094E-51D8-4D1E-A668-427F0655A231}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{80201664-F6D7-4602-BE4C-C54E606A74B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{17A84DB5-D069-42F1-B2F7-C83282490A19}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB96E1DA-544F-4CA6-BC52-4D341928A7FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FD3A53FF-7C52-445C-80B6-6BEEE9D13847}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File
FirewallRules: [{A5FC073B-36DB-4A08-8730-6ED44EEF5756}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File
FirewallRules: [{3C285737-2CFA-4A55-AF5A-158F30C33FF0}] => (Allow) C:\Users\Leona\AppData\Local\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{6B6A0432-47A4-4EBE-9E3A-8AA8DE2EF398}] => (Allow) C:\Users\Leona\AppData\Local\HPConnectedMusic\Application\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{70D0CBED-23EF-4B29-BB1C-08AA0AA47E01}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{888FE608-493A-4376-8F7A-CFF7ADD78E05}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe (Meridian Audio Ltd -> Meridian Audio Ltd)
FirewallRules: [{48B3F4CC-CFBB-4C49-9AFD-BD35CCC02F06}] => (Allow) LPort=1900
FirewallRules: [{50BAC705-4DDC-4E09-AB98-337881F214E9}] => (Allow) LPort=2869
FirewallRules: [{C1041840-BC9B-490A-9AEC-BC364F6B61A7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3F35143-F913-48DC-A70B-6A3FE6D0CBFE}] => (Allow) C:\Program Files (x86)\Opera\98.0.4759.39\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{3923E77A-BE64-456E-ACB7-8783539D2EF4}] => (Allow) C:\Program Files (x86)\Opera\99.0.4788.24\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{727FAF58-5117-4D43-AA33-4658616C136F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{51034B24-CAC8-4043-87FC-CD736E4390AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B965840B-6FF5-48F8-B972-70F59008EB0F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F4F3C840-8563-4E5F-9E1E-89FA51B5C7D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{356C3549-0B34-48E4-A184-9A4FBEFD0D60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D8BC1033-7713-4424-B31B-1C2E93BD580B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DCE15878-4AB2-4028-9201-AEFE278280CB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E920A654-2B81-44F1-8065-D1C938E58AA1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{71212195-FD5F-4E89-9A4B-B3BC904150F8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D08276A9-05C4-4260-84F7-48EAF37C4D27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A25660E5-28B0-407B-BAA1-D2642DF7D471}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

18-04-2023 08:58:50 Instalační služba modulů systému Windows
12-05-2023 21:30:07 Instalační služba modulů systému Windows
23-05-2023 08:48:56 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/05/2023 08:16:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname PC.local already in use; will try PC-2.local instead

Error: (06/05/2023 08:16:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 PC.local. Addr 169.254.11.217

Error: (06/05/2023 08:16:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.161:5353 4 PC.local. Addr 192.168.0.161

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 12 1.0.0.127.in-addr.arpa. PTR PC-2.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353 10 1.0.0.127.in-addr.arpa. PTR PC.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 12 2.A.3.8.1.7.9.3.3.3.9.2.2.2.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PC-2.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:7622:2933:3971:83A2:5353 10 2.A.3.8.1.7.9.3.3.3.9.2.2.2.6.7.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PC.local.

Error: (06/05/2023 12:49:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname PC.local already in use; will try PC-2.local instead


System errors:
=============
Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP SimplePass Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HPWMISVC byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP App Helper HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Network HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Diagnostics HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/06/2023 02:30:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-03-26 22:57:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3AD7995B-B8DB-49D0-92AD-E045C5487DE6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-25 17:44:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {38184A45-F545-4DE4-8862-9218B417EC57}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\NETWORK SERVICE
Event[0]:

Date: 2023-06-04 19:10:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.445.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-06-04 19:10:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.391.445.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23050.3
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-05-17 10:05:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1334.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-05-17 10:05:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1334.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-05-17 10:05:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.1334.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

==================== Memory info ===========================

BIOS: Insyde F.23 09/19/2014
Motherboard: Hewlett-Packard 2213
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 76%
Total physical RAM: 3984.27 MB
Available physical RAM: 928.34 MB
Total Virtual: 7056.27 MB
Available Virtual: 3506.64 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:446.66 GB) (Free:362.46 GB) (Model: ST500LT012-1DG142) NTFS
Drive d: (RECOVERY) (Fixed) (Total:17.11 GB) (Free:1.67 GB) (Model: ST500LT012-1DG142) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{35064ba6-0b62-4049-bcef-eabd045cf5fc}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.35 GB) NTFS
\\?\Volume{33ec051c-8920-4cc7-8d01-bb2ad29dd224}\ () (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{e469488e-14c2-4bb8-a5ad-6c8ff8acb9c6}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6DA15431)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny Ntb

#11 Příspěvek od Rudy »

OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Task: {002093C8-5DC2-49A2-B910-E1B3AED9EBA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0528B8DB-FEA3-431C-9DED-1F1C5CF5BD8A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {14CB6448-A7DC-41BF-9420-3292F2C84E65} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1FAA7680-EB69-48DB-82D6-0DB082F85FE6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2BCDB61D-77DE-4A4F-9BBF-A6A54AA8E561} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
ask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {3851B45C-50E8-4B60-990C-32AFE56FDEFE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {387CFC9B-2F6A-41CD-A47A-D8E80D57D3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {446BE331-C0C8-4D27-BE3D-B5BED3789851} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {859F589C-ACAF-4FAD-AC37-3FA0A989A804} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1003 -> No File <==== ATTENTION
Task: {868B84A6-D742-42ED-AF05-8C7CEDC0D09D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {BEBDC119-4547-4B1B-9A05-C75544E190F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C17B41E5-7497-48E1-91C8-C811200C6F34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DDA709F9-19A6-4D65-B573-4A329F9276F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E000B16E-C1FE-4679-86FB-67BEF511B631} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1001 -> No File <==== ATTENTION
Task: {E2A55C7D-B9E5-43D9-B571-35D7C38BA468} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E7A5E8F6-CB0A-4100-AB25-E47228B0BBC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EC105C9F-1346-4769-9285-BF1DEFF148BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FE95DA2A-AC6B-45B1-BA12-73820163A167} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
C:\DumpStack.log.tmp
C:\Users\Leona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Leona\AppData\Local\GoToMeeting\19932\G2MOutlookAddin64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{BD4C8856-2F0B-4479-9C1B-59DC2D5BD571}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{34709CA4-3BBE-4CB3-A642-06A3964E7C46}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A3A1EBE4-9E83-4B1D-BA25-B303A62A7E5E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{92FACFDC-54C5-4B2E-A65C-859C46E18D92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{92FACFDC-54C5-4B2E-A65C-859C46E18D92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{818D8657-2257-4596-A939-C354F928241B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3F00D10F-6E00-4422-8412-E1793ECB8837}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{FD3A53FF-7C52-445C-80B6-6BEEE9D13847}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File
FirewallRules: [{A5FC073B-36DB-4A08-8730-6ED44EEF5756}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#12 Příspěvek od FrantaC »

Fix proveden , Log zde :

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by Leona (10-06-2023 11:56:29) Run:1
Running from C:\Users\Leona\Desktop
Loaded Profiles: Leona
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {002093C8-5DC2-49A2-B910-E1B3AED9EBA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0528B8DB-FEA3-431C-9DED-1F1C5CF5BD8A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {14CB6448-A7DC-41BF-9420-3292F2C84E65} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1FAA7680-EB69-48DB-82D6-0DB082F85FE6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2BCDB61D-77DE-4A4F-9BBF-A6A54AA8E561} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
ask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {3851B45C-50E8-4B60-990C-32AFE56FDEFE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {387CFC9B-2F6A-41CD-A47A-D8E80D57D3CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {446BE331-C0C8-4D27-BE3D-B5BED3789851} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {859F589C-ACAF-4FAD-AC37-3FA0A989A804} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1003 -> No File <==== ATTENTION
Task: {868B84A6-D742-42ED-AF05-8C7CEDC0D09D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {BEBDC119-4547-4B1B-9A05-C75544E190F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C17B41E5-7497-48E1-91C8-C811200C6F34} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DDA709F9-19A6-4D65-B573-4A329F9276F7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E000B16E-C1FE-4679-86FB-67BEF511B631} - \WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1001 -> No File <==== ATTENTION
Task: {E2A55C7D-B9E5-43D9-B571-35D7C38BA468} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E7A5E8F6-CB0A-4100-AB25-E47228B0BBC4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EC105C9F-1346-4769-9285-BF1DEFF148BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FE95DA2A-AC6B-45B1-BA12-73820163A167} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
C:\DumpStack.log.tmp
C:\Users\Leona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Leona\AppData\Local\GoToMeeting\19932\G2MOutlookAddin64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{BD4C8856-2F0B-4479-9C1B-59DC2D5BD571}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{34709CA4-3BBE-4CB3-A642-06A3964E7C46}] => (Allow) C:\Users\Leona\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A3A1EBE4-9E83-4B1D-BA25-B303A62A7E5E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe => No File
FirewallRules: [{92FACFDC-54C5-4B2E-A65C-859C46E18D92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{92FACFDC-54C5-4B2E-A65C-859C46E18D92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{818D8657-2257-4596-A939-C354F928241B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3F00D10F-6E00-4422-8412-E1793ECB8837}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{FD3A53FF-7C52-445C-80B6-6BEEE9D13847}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File
FirewallRules: [{A5FC073B-36DB-4A08-8730-6ED44EEF5756}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe => No File

EmptyTemp:
End

*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{002093C8-5DC2-49A2-B910-E1B3AED9EBA4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{002093C8-5DC2-49A2-B910-E1B3AED9EBA4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0528B8DB-FEA3-431C-9DED-1F1C5CF5BD8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0528B8DB-FEA3-431C-9DED-1F1C5CF5BD8A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14CB6448-A7DC-41BF-9420-3292F2C84E65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14CB6448-A7DC-41BF-9420-3292F2C84E65}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FAA7680-EB69-48DB-82D6-0DB082F85FE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FAA7680-EB69-48DB-82D6-0DB082F85FE6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2BCDB61D-77DE-4A4F-9BBF-A6A54AA8E561}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BCDB61D-77DE-4A4F-9BBF-A6A54AA8E561}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
ask: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File) => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3851B45C-50E8-4B60-990C-32AFE56FDEFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3851B45C-50E8-4B60-990C-32AFE56FDEFE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{387CFC9B-2F6A-41CD-A47A-D8E80D57D3CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{387CFC9B-2F6A-41CD-A47A-D8E80D57D3CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{446BE331-C0C8-4D27-BE3D-B5BED3789851}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{446BE331-C0C8-4D27-BE3D-B5BED3789851}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{859F589C-ACAF-4FAD-AC37-3FA0A989A804}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{859F589C-ACAF-4FAD-AC37-3FA0A989A804}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1003" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{868B84A6-D742-42ED-AF05-8C7CEDC0D09D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{868B84A6-D742-42ED-AF05-8C7CEDC0D09D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEBDC119-4547-4B1B-9A05-C75544E190F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEBDC119-4547-4B1B-9A05-C75544E190F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C17B41E5-7497-48E1-91C8-C811200C6F34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C17B41E5-7497-48E1-91C8-C811200C6F34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDA709F9-19A6-4D65-B573-4A329F9276F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDA709F9-19A6-4D65-B573-4A329F9276F7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E000B16E-C1FE-4679-86FB-67BEF511B631}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E000B16E-C1FE-4679-86FB-67BEF511B631}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1067854488-1616466786-2691910615-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2A55C7D-B9E5-43D9-B571-35D7C38BA468}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2A55C7D-B9E5-43D9-B571-35D7C38BA468}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7A5E8F6-CB0A-4100-AB25-E47228B0BBC4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7A5E8F6-CB0A-4100-AB25-E47228B0BBC4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC105C9F-1346-4769-9285-BF1DEFF148BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC105C9F-1346-4769-9285-BF1DEFF148BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE95DA2A-AC6B-45B1-BA12-73820163A167}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE95DA2A-AC6B-45B1-BA12-73820163A167}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Leona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-1067854488-1616466786-2691910615-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD4C8856-2F0B-4479-9C1B-59DC2D5BD571}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{34709CA4-3BBE-4CB3-A642-06A3964E7C46}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3A1EBE4-9E83-4B1D-BA25-B303A62A7E5E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92FACFDC-54C5-4B2E-A65C-859C46E18D92}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92FACFDC-54C5-4B2E-A65C-859C46E18D92}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{818D8657-2257-4596-A939-C354F928241B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F00D10F-6E00-4422-8412-E1793ECB8837}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD3A53FF-7C52-445C-80B6-6BEEE9D13847}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A5FC073B-36DB-4A08-8730-6ED44EEF5756}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 169720276 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 109565342 B
Edge => 19618528 B
Firefox => 0 B
Opera => 544780044 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2446 B
NetworkService => 74415276 B
Leona => 5762710311 B

RecycleBin => 6797069 B
EmptyTemp: => 6.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 10-06-2023 12:51:50)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 12:51:50 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny Ntb

#13 Příspěvek od Rudy »

Smazáno. Zrychlil se chod?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

FrantaC
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 29 črc 2012 09:04

Re: zpomaleny Ntb

#14 Příspěvek od FrantaC »

Povedlo se . Diky moc a posílám příspěvek.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny Ntb

#15 Příspěvek od Rudy »

Za příspěvek děkujeme a vy nemáte zač" :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno