Prosím o kontrolu logu. Strašně moc pomalý notebook. Dlouho se spouštěl. Sken trval skoro 30 minut. Přidávám i sken z Adwcleaner.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by User (administrator) on DESKTOP-EC1UE5I (HP HP 250 G4 Notebook PC) (07-10-2023 16:02:10)
Running from C:\Users\User\Desktop\FRST64 (2).exe
Loaded Profiles: User
Platform: Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-10-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MFNetworkScannerSelector] => C:\Program Files\Canon\Canon MF Network Scanner Selector\CMFNSS6.EXE [459904 2018-01-30] (CANON INC. -> CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Canon Toner Status] => C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe [1906808 2018-06-20] (CANON INC. -> CANON INC.)
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49703256 2018-08-01] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\Run: [MicrosoftEdgeAutoLaunch_C46CFC0629905CC775E70B50EA8A519C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {3e5992b2-a930-11ec-92b6-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {7c6173e9-0466-11ee-947a-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [153088 2018-01-29] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 9311 Status Monitor: C:\WINDOWS\system32\hpinksts9311LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050 J610 series): C:\WINDOWS\system32\HPDiscoPM9311.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.149\Installer\chrmstp.exe [2023-10-04] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\116.0.22388.188\Installer\chrmstp.exe [2023-09-21] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3050 J610 series (Síť).lnk [2020-10-11]
ShortcutAndArgument: Sledovat výstrahy inkoustu - HP Deskjet 3050 J610 series (Síť).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3050 J610 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0BD394Q805HX;CONNECTION=NW;MONITOR=1;
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {6A2971C6-E375-4115-A3F8-F9F066C4D68A} - System32\Tasks\{1796BA70-D5AF-44FA-A265-BF9CA2805CC1} => "c:\program files (x86)\google\chrome\application\chrome.exe" -> hxxps://ui.skype.com/ui/0/7.33.0.105/cs/eula
Task: {CD8CF170-166E-466B-935A-F0112A51C782} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {E30C4FAC-B64F-485C-8800-CD2A63358F4A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3355432 2023-09-12] (Avast Software s.r.o. -> AVAST Software)
Task: {D0ABD719-9BB2-46B9-BA8C-1A82518568CA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3355432 2023-09-12] (Avast Software s.r.o. -> AVAST Software)
Task: {03CDBD2E-10FE-4FE6-9DD4-F3BCEA7DC709} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-01] (Avast Software s.r.o. -> AVAST Software)
Task: {7E52230A-1A54-414F-8790-844016B7164C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-01] (Avast Software s.r.o. -> AVAST Software)
Task: {9D1BA660-3BE9-4A8B-AB82-C3A03CB8D671} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1826800 2018-05-30] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {7D891765-CED9-41F8-837F-9028F1FE956A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1763CF56-BE74-4B6E-B5BB-93D05801D094} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "a709c39a-0506-4ed6-932b-834ca1b47927" --version "6.16.10662" --silent
Task: {3D83BFC8-E383-4A14-BE3A-A7367ECB0CE7} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C8E9A624-A7CF-46E7-872F-32311194BF32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {0C65A860-F3E5-40E6-BA07-B19DE20B8532} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {7F66A660-6649-4155-BBFF-D224F2D2295C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2022-08-17] () [File not signed]
Task: {720FFE9C-C8A4-440F-A7A0-BA31C919F87D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-08-17] (HP Inc. -> HP Inc.)
Task: {3274FA4C-6855-4A6E-8B0B-F6835298CCD4} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\HP\HP Support Framework\Modules\HPWPD.exe [310856 2022-08-17] () [File not signed]
Task: {A63AC58F-60CD-4AA0-A2D3-2535E95AEA6B} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\HP\HP Support Framework\Modules\HPDeviceCheck\HPDeviceCheck.exe [316488 2022-08-17] (HP Inc. -> )
Task: {0B7FD79B-D1BC-44C4-9D57-6B68D1D2A567} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {263E7E2D-3A53-4626-B9C6-6C1C6881198E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {BFEA4A03-D744-46FD-8E4A-8C579E2EC6AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D2900B22-4D99-49D6-A774-17ADE762C462} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EC82E2F-FEDD-4F7D-8DA0-D7515BFBD87B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE6C08F6-A546-4CB2-BCC1-308F459DEF52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40D58AE4-3E62-4CDB-ACB0-21C4AF2C342A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3431129528-3102586650-2004860955-1001 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4165000 2022-09-16] () [File not signed]
Task: {51AEF537-5C41-4642-8BEF-D38A4192EA51} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3431129528-3102586650-2004860955-1001 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [4165000 2022-09-16] () [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 46.33.96.2
Tcpip\..\Interfaces\{87effa31-f7d4-4855-beb8-b37289cce541}: [DhcpNameServer] 46.33.96.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-01]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-10-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-10-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-10-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-10-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2023-01-01] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3431129528-3102586650-2004860955-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-10-11] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-10-07]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-09]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-06-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2023-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\116.0.22388.188\elevation_service.exe [1837960 2023-09-12] (Avast Software s.r.o. -> AVAST Software)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [770600 2022-07-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [769040 2022-07-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [762408 2022-07-27] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [769064 2022-07-27] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 MpKsl8b7e7eee; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{985E0B56-43A9-451F-A7EA-1C99AA9B5C07}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-07 16:02 - 2023-10-07 16:06 - 000020467 _____ C:\Users\User\Desktop\FRST.txt
2023-10-07 16:00 - 2023-10-07 16:00 - 000000000 ____D C:\Users\User\Desktop\FRST-OlderVersion
2023-10-07 15:47 - 2023-10-07 15:47 - 000007196 _____ C:\Users\User\Documents\cc_20231007_154745.reg
2023-10-07 15:41 - 2023-10-07 15:41 - 000000000 ____D C:\Users\User\mamka
2023-10-04 07:41 - 2023-10-04 07:41 - 000012075 _____ C:\Users\User\Downloads\Objednat Knihy (9).ods
2023-09-26 08:07 - 2023-09-26 08:07 - 000012075 _____ C:\Users\User\Downloads\Objednat Knihy (8).ods
2023-09-26 08:07 - 2023-09-26 08:07 - 000012075 _____ C:\Users\User\Downloads\Objednat Knihy (7).ods
2023-09-22 07:12 - 2023-09-22 07:12 - 000044121 _____ C:\Users\User\Downloads\Informace k Vasemu pojisteni.zip
2023-09-15 08:36 - 2023-09-15 08:36 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-07 16:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-07 16:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-07 16:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-07 16:04 - 2020-10-11 10:41 - 000000000 ____D C:\FRST
2023-10-07 16:00 - 2022-10-09 12:09 - 002383360 _____ (Farbar) C:\Users\User\Desktop\FRST64 (2).exe
2023-10-07 15:52 - 2016-10-28 13:02 - 000000000 ____D C:\Program Files\CCleaner
2023-10-07 15:49 - 2023-04-01 10:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-07 15:49 - 2016-10-12 11:54 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-07 15:39 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-07 15:37 - 2022-10-08 22:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-07 15:37 - 2016-10-12 11:51 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2023-10-07 15:36 - 2023-04-01 11:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-07 15:36 - 2023-04-01 10:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-07 15:36 - 2020-09-19 08:08 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-07 15:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-06 06:37 - 2023-01-16 09:06 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-10-06 06:37 - 2020-06-07 11:51 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-05 08:23 - 2016-10-17 10:36 - 000096768 _____ C:\Users\User\Documents\Turistika.xls
2023-10-05 07:04 - 2018-02-18 13:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-04 07:02 - 2023-05-08 08:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-04 07:02 - 2023-05-08 08:28 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-03 07:27 - 2016-10-17 10:36 - 000308736 _____ C:\Users\User\Documents\Knihy.xls
2023-10-02 06:09 - 2018-07-11 06:50 - 000000000 ____D C:\ProgramData\Packages
2023-09-27 12:09 - 2023-04-01 10:35 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-27 12:09 - 2019-12-07 16:41 - 000684862 _____ C:\WINDOWS\system32\perfh005.dat
2023-09-27 12:09 - 2019-12-07 16:41 - 000137626 _____ C:\WINDOWS\system32\perfc005.dat
2023-09-25 10:21 - 2021-04-24 15:56 - 000012075 _____ C:\Users\User\Documents\Objednat Knihy.ods
2023-09-21 18:48 - 2023-01-01 12:18 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2023-09-21 18:48 - 2023-01-01 12:18 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2023-09-19 13:44 - 2023-05-08 08:24 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-19 13:44 - 2023-05-08 08:24 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-19 13:37 - 2022-12-20 07:55 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-19 06:58 - 2023-04-01 11:00 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-19 06:58 - 2023-04-01 11:00 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-16 08:16 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-09-16 08:12 - 2023-04-01 10:10 - 000365000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-16 08:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-16 07:56 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-16 07:12 - 2023-04-01 10:16 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-15 07:35 - 2016-10-12 12:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-15 07:20 - 2016-10-12 12:34 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-13 07:09 - 2023-04-01 11:00 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-13 07:06 - 2022-10-15 07:53 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-09-08 12:39 - 2017-08-06 16:21 - 000000000 ____D C:\Program Files\HP
==================== Files in the root of some directories ========
2016-10-28 12:54 - 2016-10-28 12:50 - 000020502 _____ () C:\Users\User\prefs.js
2022-10-09 12:06 - 2022-10-09 12:06 - 000000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2023-02-09 07:56 - 2023-02-09 07:56 - 000000000 _____ () C:\Users\User\AppData\Local\{5474CE61-3CD0-4B4E-8128-99FE896FA038}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-07-2023
# Duration: 00:00:25
# OS: Windows 10 (Build 19045.3448)
# Scanned: 32105
# Detected: 12
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\User\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{56D27851-B9A6-430F-875A-E2D7A3802C7B}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
AdwCleaner[S00].txt - [2907 octets] - [07/10/2023 15:49:35]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu. Děkuji.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu logu. Děkuji.
- Přílohy
-
- Addition.zip
- (8.44 KiB) Staženo 30 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Děkuji.
Zdravím!
Sken ADWCleaner je OK, poreinstalled jsou utility od HP. Otevřte poznámkový blok a zkopírujte do něj:
Sken ADWCleaner je OK, poreinstalled jsou utility od HP. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {3e5992b2-a930-11ec-92b6-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {7c6173e9-0466-11ee-947a-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
Task: {C8E9A624-A7CF-46E7-872F-32311194BF32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {0C65A860-F3E5-40E6-BA07-B19DE20B8532} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {263E7E2D-3A53-4626-B9C6-6C1C6881198E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\User\AppData\Local\{5474CE61-3CD0-4B4E-8128-99FE896FA038}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu. Děkuji.
Zdraví
spuštění se trochu urychlilo, ale stále to trvá dlouho. Jakmile se všechno načte a spustí tak notebook, spouštění programů i internet běží o něco rychleji .
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by User (08-10-2023 09:07:39) Run:3
Running from C:\Users\User\Desktop
Loaded Profiles: defaultuser0 & User
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {3e5992b2-a930-11ec-92b6-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {7c6173e9-0466-11ee-947a-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
Task: {C8E9A624-A7CF-46E7-872F-32311194BF32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {0C65A860-F3E5-40E6-BA07-B19DE20B8532} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {263E7E2D-3A53-4626-B9C6-6C1C6881198E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\User\AppData\Local\{5474CE61-3CD0-4B4E-8128-99FE896FA038}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e5992b2-a930-11ec-92b6-705a0fb3829d} => removed successfully
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c6173e9-0466-11ee-947a-705a0fb3829d} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8E9A624-A7CF-46E7-872F-32311194BF32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8E9A624-A7CF-46E7-872F-32311194BF32}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C65A860-F3E5-40E6-BA07-B19DE20B8532}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C65A860-F3E5-40E6-BA07-B19DE20B8532}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{263E7E2D-3A53-4626-B9C6-6C1C6881198E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{263E7E2D-3A53-4626-B9C6-6C1C6881198E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WaaSMedic\MaintenanceWork" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\User\AppData\Local\{5474CE61-3CD0-4B4E-8128-99FE896FA038} => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10633449 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 6000514 B
Edge => 0 B
Chrome => 176128 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1172 B
defaultuser0 => 1172 B
User => 39544546 B
RecycleBin => 0 B
EmptyTemp: => 53.7 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-10-2023 09:11:30)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 09:11:30 ====
spuštění se trochu urychlilo, ale stále to trvá dlouho. Jakmile se všechno načte a spustí tak notebook, spouštění programů i internet běží o něco rychleji .
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by User (08-10-2023 09:07:39) Run:3
Running from C:\Users\User\Desktop
Loaded Profiles: defaultuser0 & User
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {3e5992b2-a930-11ec-92b6-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\...\MountPoints2: {7c6173e9-0466-11ee-947a-705a0fb3829d} - "D:\HiSuiteDownLoader.exe"
Task: {C8E9A624-A7CF-46E7-872F-32311194BF32} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {0C65A860-F3E5-40E6-BA07-B19DE20B8532} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2023-05-08] (Google Inc -> Google LLC)
Task: {263E7E2D-3A53-4626-B9C6-6C1C6881198E} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\User\AppData\Local\{5474CE61-3CD0-4B4E-8128-99FE896FA038}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e5992b2-a930-11ec-92b6-705a0fb3829d} => removed successfully
HKU\S-1-5-21-3431129528-3102586650-2004860955-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7c6173e9-0466-11ee-947a-705a0fb3829d} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8E9A624-A7CF-46E7-872F-32311194BF32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8E9A624-A7CF-46E7-872F-32311194BF32}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C65A860-F3E5-40E6-BA07-B19DE20B8532}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C65A860-F3E5-40E6-BA07-B19DE20B8532}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{263E7E2D-3A53-4626-B9C6-6C1C6881198E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{263E7E2D-3A53-4626-B9C6-6C1C6881198E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WaaSMedic\MaintenanceWork" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\User\AppData\Local\{5474CE61-3CD0-4B4E-8128-99FE896FA038} => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10633449 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 6000514 B
Edge => 0 B
Chrome => 176128 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1172 B
defaultuser0 => 1172 B
User => 39544546 B
RecycleBin => 0 B
EmptyTemp: => 53.7 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-10-2023 09:11:30)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 09:11:30 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Děkuji.
Příkazem "msconfig" otevřte konfigurační okno systému a na záložkách "po spuštění" a "služby" zrušte zatržítko u všech ne-microsoftích položek (s vyjímkou ovladačů a bezpečnostního softwaru). Nastavení uložte a restartujte PC.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?