Dobrý den, počítač je tety která mě požádala o pomoc.
Počítač je celkově zpomalený, prosím o kontrolu.
Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02.08.2024
Ran by Marie (administrator) on DESKTOP-52SH7VT (Dell Inc. OptiPlex 760) (12-08-2024 16:29:54)
Running from C:\Users\admin\Desktop\FRST.exe
Loaded Profiles: Marie
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4651 (X86) Language: Čeština (Česko)
Default browser: "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft\Edge\Application\msedge.exe <14>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(svchost.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [410008 2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [38931368 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\Run: [MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A] => "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3003432 2024-08-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [62686136 2024-08-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Uninstall 24.141.0714.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\24.141.0714.0003" [0 2024-08-12] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\MountPoints2: {51a97fbe-a738-11eb-819f-00219b1ab07e} - "I:\HiSuiteDownLoader.exe"
HKLM\...\Windows NT x86\Print Processors\Canon MG2400 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDBW.DLL [29184 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2400 series: C:\WINDOWS\system32\CNMLMBW.DLL [317952 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\126.0.25736.183\Installer\chrmstp.exe [2024-07-30] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.100\Installer\chrmstp.exe [2024-08-09] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {859D46D9-A9DE-4787-88CB-8D1B6ED20005} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {82ED2CB5-3FB0-4AF7-9AB7-011439920B01} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4735896 2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {CB4D122D-2E72-447B-802F-0B256EEF4F9A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1830296 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {84541FC0-238B-4E26-8D8D-34E8793E0FC7} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2593472 2024-07-17] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {36000DC2-7B67-45DE-8C59-7A8FF13AFBE7} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [2593472 2024-07-17] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {9BE025E8-8732-4ED5-A5E6-DBD80FBCC485} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {4E0DAF5B-F206-42B8-9E5D-1B20F19CE960} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4615584 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e5b78f5c-fc35-4c90-bb8b-46c21b1dbe19" --version "6.26.11169" --silent
Task: {C8F2C0E4-4E7B-4F0D-89D0-354A077E61B4} - System32\Tasks\CCleanerSkipUAC - Marie => C:\Program Files\CCleaner\CCleaner.exe [38931368 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {59E19042-A1EB-4A4C-BDDA-EA42BF6DF603} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {667A1FD4-7E49-4A1A-BAED-8BDFCB36A9B5} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {05F4D878-7056-4600-8C57-C4184F4139D3} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{AEF27334-5B16-4568-A4E0-A04B8F4DD3BE} => C:\Program Files\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.3.181
Tcpip\..\Interfaces\{04a7c670-e618-4254-ae93-0a4f0fc1eafb}: [DhcpNameServer] 8.8.8.8 192.168.3.181
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-12]
Edge DownloadDir: Default -> C:\Users\admin\Desktop
Edge HomePage: Default -> hxxp://seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-12]
Edge Extension: (Edge relevant text changes) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-04-12]
Edge Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02]
Edge Extension: (Edge relevant text changes) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-02]
FireFox:
========
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-08-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2024-08-12]
CHR DownloadDir: C:\Users\admin\Desktop
CHR Notifications: Default -> hxxps://ccc.eu; hxxps://creative-cz.com; hxxps://eobuv.cz; hxxps://eshop.tescoma.cz; hxxps://modivo.cz; hxxps://postazdarma.cz; hxxps://www-triola-cz.pushpushgo.com; hxxps://www.bezvasport.cz; hxxps://www.botovo.cz; hxxps://www.eobuv.cz; hxxps://www.jjshouse.cz; hxxps://www.lyke.cz; hxxps://www.mesec.cz; hxxps://www.penize.cz; hxxps://www.tescoma.cz; hxxps://www.trendyol.com; hxxps://www.ullapopken.cz; hxxps://www.vyprodej-slevy.cz; hxxps://www.vyprodejpovleceni.cz; hxxps://www.vyprodejskladu.eu
CHR HomePage: Default -> hxxp://google.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultNewTabURL: Default -> hxxps://search.seznam.cz/?sourceid=chromechoice
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8098712 2024-07-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [741272 2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1177496 2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-27] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\126.0.25736.183\elevation_service.exe [1386344 2024-07-17] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [909728 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [382768 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [300416 2023-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [1516320 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [86088 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [17976 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [179256 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [318008 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [234544 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [76344 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25184 2024-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [25544 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [224824 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [81352 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [57912 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [771128 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1084472 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [148936 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [252488 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43648 2019-08-24] (ESET, spol. s r.o. -> ESET)
S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [65536 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
R3 MonitorFunction; C:\WINDOWS\System32\drivers\TVMonitor.sys [13304 2016-08-02] (TeamViewer GmbH -> TeamViewer GmbH)
R0 MsSecCore; C:\WINDOWS\System32\drivers\msseccore.sys [21984 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 MsSecWfp; C:\WINDOWS\System32\drivers\mssecwfp.sys [28640 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [39304 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [332008 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [49376 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [214016 2023-12-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-12 16:29 - 2024-08-12 16:31 - 000018017 _____ C:\Users\admin\Desktop\FRST.txt
2024-08-12 16:28 - 2024-08-12 16:30 - 000000000 ____D C:\FRST
2024-08-12 16:26 - 2024-08-12 16:26 - 002094592 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2024-07-25 13:09 - 2024-07-25 13:08 - 000273816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-08-12 16:32 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-12 16:21 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2024-08-12 16:18 - 2021-03-31 19:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-12 09:29 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-12 09:26 - 2021-12-13 10:58 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3241983284-403101928-2236518649-1001
2024-08-12 09:26 - 2021-03-31 20:17 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3241983284-403101928-2236518649-1001
2024-08-12 09:26 - 2021-03-31 20:00 - 000002361 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-12 09:15 - 2020-11-09 16:42 - 000000000 ____D C:\Program Files\CCleaner
2024-08-12 09:13 - 2021-03-31 20:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-12 09:13 - 2021-03-31 20:00 - 000000000 ____D C:\Users\admin
2024-08-12 09:13 - 2021-03-31 19:57 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-12 07:27 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-08-09 14:36 - 2022-01-14 16:58 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-08-09 09:23 - 2021-12-21 16:19 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-09 09:23 - 2020-10-07 19:10 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-08 12:36 - 2021-03-31 20:17 - 000004550 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-08-08 12:34 - 2022-10-13 09:24 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-08-08 09:05 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-07 14:58 - 2020-11-09 16:30 - 000000000 ____D C:\Users\admin\AppData\Local\D3DSCache
2024-08-05 09:30 - 2020-10-12 09:14 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-30 14:26 - 2021-06-09 09:33 - 000002333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-07-30 14:26 - 2021-06-09 09:32 - 000000000 ____D C:\Program Files\CCleaner Browser
2024-07-29 09:27 - 2021-03-31 20:17 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-29 09:27 - 2021-03-31 20:17 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-29 09:24 - 2020-12-01 10:11 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2024-07-26 10:37 - 2020-10-09 12:38 - 000252488 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2024-07-25 13:09 - 2021-03-31 20:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2024-07-25 13:09 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-07-25 13:08 - 2022-10-13 19:41 - 000025184 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswElam.sys
2024-07-25 13:08 - 2020-10-09 12:38 - 001084472 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2024-07-25 13:08 - 2020-10-09 12:38 - 000234544 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2024-07-25 13:08 - 2020-10-09 12:38 - 000224824 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2024-07-25 13:08 - 2020-10-09 12:38 - 000076344 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2024-07-25 13:08 - 2020-10-09 12:38 - 000057912 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2024-07-25 13:08 - 2020-10-09 12:37 - 000771128 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2024-07-25 13:08 - 2020-10-09 12:37 - 000318008 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2024-07-25 13:08 - 2020-10-09 12:37 - 000179256 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2024-07-25 13:08 - 2020-10-09 12:37 - 000081352 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2024-07-25 13:08 - 2020-10-09 12:37 - 000025544 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2024-07-25 13:08 - 2020-10-09 12:37 - 000017976 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2024-07-19 09:07 - 2021-03-31 20:10 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-07-19 09:07 - 2019-12-07 14:21 - 000716602 _____ C:\WINDOWS\system32\perfh005.dat
2024-07-19 09:07 - 2019-12-07 14:21 - 000144780 _____ C:\WINDOWS\system32\perfc005.dat
2024-07-18 16:11 - 2022-11-15 10:28 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-07-18 07:53 - 2022-11-15 10:28 - 000002828 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-07-18 07:52 - 2021-03-31 20:17 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02.08.2024
Ran by Marie (12-08-2024 16:34:52)
Running from C:\Users\admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4651 (X86) (2021-03-31 18:17:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3241983284-403101928-2236518649-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3241983284-403101928-2236518649-503 - Limited - Disabled)
Guest (S-1-5-21-3241983284-403101928-2236518649-501 - Limited - Disabled)
Marie (S-1-5-21-3241983284-403101928-2236518649-1001 - Administrator - Enabled) => C:\Users\admin
WDAGUtilityAccount (S-1-5-21-3241983284-403101928-2236518649-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 24.002.20991 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.7.6124 - Avast Software)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.03 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.26 - Piriform)
CCleaner Browser (HKLM\...\CCleaner Browser) (Version: 126.0.25736.183 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 127.0.6533.100 - Google LLC)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 127.0.2651.86 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM\...\Microsoft EdgeWebView) (Version: 126.0.2592.113 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\OneDriveSetup.exe) (Version: 24.146.0721.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{8F99DEF4-B09B-40D7-9EF5-58DB00C1E053}) (Version: 3.74.0.0 - Microsoft Corporation)
Registrace uživatele zařízení Canon MG2400 series (HKLM\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - Canon Inc.)
Update for Windows 10 (KB4480730) (HKLM\...\{D2CA80BE-F97F-45C7-AEE6-87742793EF70}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for Windows 10 (KB5001716) (HKLM\...\{14B4CD9F-AAA5-4175-96F5-72DA168A1C68}) (Version: 8.94.0.0 - Microsoft Corporation)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2022-06-30] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0 [2024-08-06] (Spotify AB) [Startup Task]
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x86__8wekyb3d8bbwe [2024-07-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3241983284-403101928-2236518649-1001_Classes\CLSID\{30243641-2813-4951-5000-000000000000}\localserver32 -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-07-25] (Avast Software s.r.o. -> Gen Digital Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-09-09 20:40 - 2020-09-09 20:37 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\030.jpg
DNS Servers: 8.8.8.8 - 192.168.3.181
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) 82567LM-3 Gigabit Network Connection -> e1i6532.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "CanonQuickMenu"
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5C2BD30E-FDEE-421B-944D-B74CFD63B699}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{198E3580-A258-476E-BE49-3364778282A8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{DF88C41B-6E32-49A8-8B1C-58BBBC3089D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B78B986-D99C-4556-A12C-45E9D5175336}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{595956D9-0368-443E-8034-E2A33060EF75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{99425A19-B7F0-40D8-A44C-91DEAACE59A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13DD5F29-187B-44C4-83C5-9E214AE1B38E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{21CBEBCD-E5EE-4231-B3A0-C042FE6DA98D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9C795526-8B34-43BC-B4B9-8AFF38C99E45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F88A6C27-846D-499A-ADCD-10713DC1EE3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.195.893.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DD96C012-BE47-432D-91BB-B63CF27BDB2E}] => (Allow) C:\Program Files\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{00133229-4746-4AB2-A561-F8AD54E705FA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AA341AF0-4CF0-41BD-B050-611B126DADE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FACA4EF-8219-4567-B3A4-3C40B34D7383}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A3DFAEFC-03A2-4AD9-897A-DAA5F4315263}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{07B4DA10-347F-4549-8AEF-F7662F9EDF5F}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
FirewallRules: [{37C9F2FE-92D4-4251-82B1-3FC43038FC4C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8D41BB3F-CFC9-4909-BA5A-2097F160B2F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{97605817-F9AF-4999-8C1E-30FC4CBAF50E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{02206471-D0BA-46DB-82EB-60138720B219}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{494DDFC5-C400-430F-9347-12EDD4C2A6DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D4BAD0A2-2110-4FEB-B5D9-F7A6A8B923D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2C601895-61B9-4408-9984-9B75E59F95E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C5888210-5242-487B-B9EE-E2342BEEFA93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7C2C169A-D419-463A-AFE9-7FDDE3911C20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{25616FD5-F8F7-4B1E-B38B-AA5163C2A9F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.243.420.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D17EA022-A3BF-43DF-B81B-83AFB660A2A6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
29-07-2024 09:56:14 Naplánovaný kontrolní bod
06-08-2024 09:06:25 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/09/2024 09:44:22 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (08/09/2024 09:39:32 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (08/06/2024 09:06:46 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen..
Error: (08/02/2024 10:22:36 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (08/02/2024 10:15:04 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (08/02/2024 09:52:21 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (08/02/2024 09:47:04 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (07/29/2024 09:56:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen..
System errors:
=============
Error: (08/12/2024 09:17:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (08/12/2024 09:17:14 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (08/12/2024 09:13:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:34:08, 12.08.2024) bylo neočekávané.
Error: (08/12/2024 07:29:10 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/08/2024 05:04:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-52SH7VT)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/08/2024 05:04:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-52SH7VT)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/08/2024 05:04:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-52SH7VT)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/08/2024 05:04:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-52SH7VT)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================Event[0]:
Date: 2023-05-29 11:08:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.389.2640.0
Předchozí verze bezpečnostních informací: 1.325.441.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20300.3
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2023-05-29 11:08:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.389.2640.0
Předchozí verze bezpečnostních informací: 1.325.441.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.20300.3
Předchozí verze modulu: 1.1.17500.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Date: 2023-05-29 11:08:39
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.20300.3
Předchozí verze modulu: 1.1.17500.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2024-08-12 09:17:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A00 09/26/2008
Motherboard: Dell Inc. 0F373D
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 65%
Total physical RAM: 3291.61 MB
Available physical RAM: 1137.68 MB
Total Virtual: 5635.41 MB
Available Virtual: 2450.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.49 GB) (Free:250.02 GB) (Model: WDC WD3200AAKS-75L9A0) NTFS
\\?\Volume{48000000-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{48000000-0000-0000-0000-d0654a000000}\ () (Fixed) (Total:0.5 GB) (Free:0.06 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 48000000)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=511 MB) - (Type=27)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé Pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé Pc
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Uninstall 24.141.0714.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\24.141.0714.0003" [0 2024-08-12] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé Pc
Fix result of Farbar Recovery Scan Tool (x86) Version: 12.08.2024
Ran by Marie (12-08-2024 19:00:05) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: Marie
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Uninstall 24.141.0714.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\24.141.0714.0003" [0 2024-08-12] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3241983284-403101928-2236518649-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully.
"HKU\S-1-5-21-3241983284-403101928-2236518649-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 24.141.0714.0003" => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 186539619 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1312218445 B
Edge => 0 B
Chrome => 935736980 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 16 B
LocalService => 296916 B
NetworkService => 300088 B
admin => 340516378 B
RecycleBin => 5700134 B
EmptyTemp: => 2.6 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-08-2024 09:20:45)
"C:\DumpStack.log.tmp" => Could not move.
==== End of Fixlog 09:20:45 ====
Ran by Marie (12-08-2024 19:00:05) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: Marie
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3241983284-403101928-2236518649-1001\...\RunOnce: [Uninstall 24.141.0714.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\24.141.0714.0003" [0 2024-08-12] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3241983284-403101928-2236518649-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully.
"HKU\S-1-5-21-3241983284-403101928-2236518649-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 24.141.0714.0003" => removed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 186539619 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1312218445 B
Edge => 0 B
Chrome => 935736980 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 16 B
LocalService => 296916 B
NetworkService => 300088 B
admin => 340516378 B
RecycleBin => 5700134 B
EmptyTemp: => 2.6 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-08-2024 09:20:45)
"C:\DumpStack.log.tmp" => Could not move.
==== End of Fixlog 09:20:45 ====
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé Pc
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé Pc
Řekl bych že je to lepší.
Děkuji vám za pomoc
Děkuji vám za pomoc
-
Rudy
- Site Admin
- Příspěvky: 119486
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé Pc
FRádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?