Request for a log check (high CPU and RAM usage)

Abbott.Avi
Visitor
Posts: 29
Joined: 13 Dec 2011 21:41

Request for a log check (high CPU and RAM usage)

#1 Post by Abbott.Avi »

Hello,

please check my mom's PC.
While browsing in Chrome, the PC randomly and briefly freezes, stops responding, and CPU and RAM usage is 80-90% +.
Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2024
Ran by kolsp (administrator) on FIREMNÖ (ATComputers PREMIO PROFESSIONAL) (29-11-2024 09:33:23)
Running from C:\Users\kolsp\OneDrive\Plocha\FRST64.exe
Loaded Profiles: kolsp
Platform: Microsoft Windows 11 Pro Version 23H2 22631.4460 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.70\msedgewebview2.exe <13>
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <3>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_8f2d0015d04700ee\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_effe9612081e9042\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe <2>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.200.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24102.48.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\kolsp\AppData\Local\Microsoft\OneDrive\24.216.1027.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b55ed36a9a78cc75\RtkAudUService64.exe [3495808 2023-03-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196520 2024-11-06] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752216 2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-224497037-1159430352-1889776923-1002\...\Run: [MicrosoftEdgeAutoLaunch_EACF087B84A2D76F0B2C46C28CB4E342] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-224497037-1159430352-1889776923-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12292504 2024-11-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Print\Monitors\C658SeriesPCL Language Monitor: C:\Windows\system32\KOAX5JAL.DLL [35176 2022-09-15] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {607ABC45-4149-4212-8C9C-6B1C72EF6E7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {007C4EA7-59D9-4868-8587-8B3E3E1A9C6B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{FFFE5622-D8E3-4CCA-88E6-44A481EBC5AC} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{e721e1b0-629d-4a93-8f20-72ffcb260208}: [NameServer] 10.0.0.138,8.8.4.4

Edge:
=======
Edge Profile: C:\Users\kolsp\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\kolsp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-11]
Edge Extension: (Edge relevant text changes) - C:\Users\kolsp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-21]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.431.2 -> C:\Program Files\Java\jre1.8.0_431\bin\dtplugin\npDeployJava1.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.431.2 -> C:\Program Files\Java\jre1.8.0_431\bin\plugin2\npjp2.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-11-13] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\kolsp\AppData\Local\Google\Chrome\User Data\Default [2024-11-29]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.tatryportal.sk
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\kolsp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-11-29]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\kolsp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-11-26]
CHR Extension: (NoMiner - Block Coin Miners) - C:\Users\kolsp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfnangjojcioomickmmnfmiadkfhcdmd [2024-08-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\kolsp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-04-01]
CHR HKU\S-1-5-21-224497037-1159430352-1889776923-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5563760 2024-11-06] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-11-06] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4240120 2024-11-06] (ESET, spol. s r.o. -> ESET)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-10-08] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-10-08] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [220520 2024-10-30] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121864 2024-10-30] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [268568 2024-10-30] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57872 2024-10-30] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [87784 2024-10-30] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [128552 2024-10-30] (ESET, spol. s r.o. -> ESET)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_302e75596cffa74a\iaLPSS2_GPIO2_ADL.sys [150616 2023-04-03] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_e736c048ca307ed2\iaLPSS2_I2C_ADL.sys [220224 2023-04-03] (Intel Corporation -> Intel Corporation)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_d1a236ce16a4bbb1\rt68cx21x64.sys [845280 2024-10-09] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-29 09:33 - 2024-11-29 09:33 - 000013786 _____ C:\Users\kolsp\OneDrive\Plocha\FRST.txt
2024-11-29 09:33 - 2024-11-29 09:33 - 000000000 ____D C:\FRST
2024-11-29 09:32 - 2024-11-29 09:32 - 002402816 _____ (Farbar) C:\Users\kolsp\OneDrive\Plocha\FRST64.exe
2024-11-28 10:45 - 2024-11-28 10:45 - 000061783 _____ C:\Users\kolsp\Downloads\190732120227_20241127.pdf
2024-11-27 11:07 - 2024-11-27 11:08 - 000247424 _____ C:\Users\kolsp\OneDrive\Plocha\scan_2021_08_07_13_51_58_933.pdf
2024-11-27 09:52 - 2024-11-27 09:52 - 000060592 _____ C:\Users\kolsp\Downloads\190732120227_20241126.pdf
2024-11-26 13:32 - 2024-11-26 13:32 - 001956085 _____ C:\Users\kolsp\OneDrive\Plocha\PRUVODCE-EUDR_UHUL.pdf
2024-11-26 09:49 - 2024-11-26 09:49 - 000059838 _____ C:\Users\kolsp\Downloads\190732120227_20241125.pdf
2024-11-25 09:07 - 2024-11-25 09:07 - 000060032 _____ C:\Users\kolsp\Downloads\190732120227_20241122.pdf
2024-11-22 10:03 - 2024-11-22 10:03 - 000060027 _____ C:\Users\kolsp\Downloads\190732120227_20241121.pdf
2024-11-21 09:30 - 2024-11-21 09:30 - 000058794 _____ C:\Users\kolsp\Downloads\190732120227_20241120.pdf
2024-11-20 08:58 - 2024-11-20 08:58 - 000060766 _____ C:\Users\kolsp\Downloads\190732120227_20241119.pdf
2024-11-19 09:47 - 2024-11-19 09:47 - 000061799 _____ C:\Users\kolsp\Downloads\190732120227_20241118.pdf
2024-11-18 13:29 - 2024-11-18 13:29 - 000060729 _____ C:\Users\kolsp\Downloads\190732120227_20241115.pdf
2024-11-15 09:47 - 2024-11-29 09:17 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-11-15 09:25 - 2024-11-15 09:25 - 000060403 _____ C:\Users\kolsp\Downloads\190732120227_20241114.pdf
2024-11-14 10:46 - 2024-11-14 10:46 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-11-14 10:46 - 2024-11-14 10:46 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-11-14 09:57 - 2024-11-14 09:57 - 000061206 _____ C:\Users\kolsp\Downloads\190732120227_20241113.pdf
2024-11-13 09:40 - 2024-11-13 09:40 - 000060640 _____ C:\Users\kolsp\Downloads\190732120227_20241112.pdf
2024-11-11 09:45 - 2024-11-11 09:45 - 000060053 _____ C:\Users\kolsp\Downloads\190732120227_20241108.pdf
2024-11-08 10:03 - 2024-11-08 10:03 - 000059556 _____ C:\Users\kolsp\Downloads\190732120227_20241107.pdf
2024-11-07 14:19 - 2024-11-07 14:20 - 000000000 ____D C:\Users\kolsp\OneDrive\Plocha\Maserati fotky
2024-11-07 09:24 - 2024-11-07 09:24 - 000060376 _____ C:\Users\kolsp\Downloads\190732120227_20241106.pdf
2024-11-06 14:26 - 2024-11-06 14:26 - 000028585 _____ C:\Users\kolsp\OneDrive\Plocha\ceny_kol_21.08.2023.ods
2024-11-06 14:03 - 2024-11-06 14:03 - 000070768 _____ C:\Users\kolsp\Downloads\OCP03_CES_22459217.PDF
2024-11-06 11:10 - 2024-11-06 11:10 - 000062047 _____ C:\Users\kolsp\Downloads\190732120227_20241105.pdf
2024-11-05 10:56 - 2024-11-05 10:57 - 000000000 ____D C:\Users\kolsp\OneDrive\Plocha\DC-49
2024-11-05 09:42 - 2024-11-05 09:42 - 000062250 _____ C:\Users\kolsp\Downloads\190732120227_20241104.pdf
2024-11-04 13:58 - 2024-11-04 13:58 - 000105111 _____ C:\Users\kolsp\Downloads\Plán_záloh_460005704451.PDF
2024-11-04 13:55 - 2024-11-04 13:55 - 000110229 _____ C:\Users\kolsp\Downloads\Plán_záloh_610005819494.PDF
2024-11-04 11:25 - 2024-11-04 11:25 - 000058528 _____ C:\Users\kolsp\Downloads\190732120227_20241101.pdf
2024-11-01 14:19 - 2024-11-01 14:19 - 000025855 _____ C:\Users\kolsp\Downloads\CÚ Ostrava-žádost.odt
2024-11-01 14:13 - 2024-11-01 14:13 - 000025855 _____ C:\Users\kolsp\OneDrive\Plocha\CÚ Ostrava-žádost.odt
2024-11-01 14:03 - 2024-11-01 14:03 - 000582589 _____ C:\Users\kolsp\Downloads\2965231853.pdf
2024-11-01 13:41 - 2024-11-01 13:41 - 000351497 _____ C:\Users\kolsp\Downloads\523323077.pdf
2024-11-01 11:13 - 2024-11-01 11:13 - 000022279 _____ C:\Users\kolsp\Downloads\Celnice-výkaz 2024-10.odt
2024-11-01 10:16 - 2024-11-01 10:16 - 000059815 _____ C:\Users\kolsp\Downloads\190732120227_20241031.pdf
2024-11-01 09:19 - 2024-11-01 09:19 - 000026650 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-11-01 09:18 - 2024-11-01 09:18 - 000026650 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-10-31 10:51 - 2024-10-31 10:51 - 000102438 _____ C:\Users\kolsp\Downloads\DD2424106184.pdf
2024-10-31 09:40 - 2024-10-31 09:40 - 000059619 _____ C:\Users\kolsp\Downloads\190732120227_20241030.pdf
2024-10-30 10:20 - 2024-10-30 10:20 - 000059177 _____ C:\Users\kolsp\Downloads\190732120227_20241029.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-29 09:31 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-11-29 09:18 - 2023-04-01 10:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-11-29 09:17 - 2023-04-01 10:57 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-11-29 09:17 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-29 08:54 - 2023-04-01 10:23 - 000000000 ____D C:\Users\kolsp\AppData\Local\D3DSCache
2024-11-29 08:52 - 2023-04-01 10:24 - 000000000 ___RD C:\Users\kolsp\OneDrive
2024-11-29 08:52 - 2023-04-01 10:23 - 000000000 ____D C:\Users\kolsp\AppData\Local\Packages
2024-11-29 08:52 - 2023-03-15 10:22 - 000000000 ____D C:\ProgramData\Packages
2024-11-29 08:52 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-28 14:56 - 2023-04-02 13:50 - 000000000 ____D C:\UCTO2020
2024-11-28 09:22 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-11-27 11:08 - 2023-04-03 14:18 - 000000000 ___RD C:\SCAN
2024-11-27 09:23 - 2023-03-15 10:21 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-26 10:22 - 2023-04-01 10:24 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-224497037-1159430352-1889776923-1002
2024-11-26 10:22 - 2023-04-01 10:24 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-224497037-1159430352-1889776923-1002
2024-11-26 10:22 - 2023-04-01 10:24 - 000002377 _____ C:\Users\kolsp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-26 09:25 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-11-25 16:06 - 2023-03-15 10:21 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-11-24 12:06 - 2023-03-15 10:21 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 12:06 - 2023-03-15 10:21 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-22 09:50 - 2023-04-01 10:41 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-18 09:38 - 2023-04-01 11:06 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-11-18 09:38 - 2023-04-01 11:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-11-18 09:30 - 2023-04-01 10:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-14 10:57 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-11-14 10:46 - 2023-03-15 10:28 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-11-14 10:42 - 2023-03-15 10:22 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-11-14 10:42 - 2023-03-15 10:21 - 000469808 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-14 10:42 - 2023-03-15 10:21 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-14 10:42 - 2023-03-15 10:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-11-14 10:42 - 2022-05-07 06:17 - 000786432 _____ C:\Windows\system32\config\BBI
2024-11-14 10:41 - 2023-10-19 08:17 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-11-14 10:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-11-14 10:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-14 10:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-11-13 10:03 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-11-13 09:53 - 2023-03-15 10:32 - 000000000 ____D C:\Windows\system32\MRT
2024-11-13 09:52 - 2023-03-15 10:32 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-07 15:15 - 2024-02-07 09:37 - 000000000 ____D C:\Users\kolsp\OneDrive\Plocha\Karibik 2024
2024-11-07 12:02 - 2024-09-09 13:45 - 000000000 ____D C:\Users\kolsp\OneDrive\Plocha\fotky balíků
2024-11-06 11:52 - 2023-06-05 09:08 - 000000000 ____D C:\Users\kolsp\OneDrive\Plocha\Celnice výkazy
2024-11-06 11:44 - 2023-04-02 11:10 - 000000000 ____D C:\Users\kolsp\OneDrive\Dokumenty\TEXTY
2024-11-05 10:55 - 2024-03-15 08:55 - 000000000 ____D C:\Users\kolsp\OneDrive\Plocha\DC-47
2024-11-01 09:26 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-11-01 09:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\DiagTrack
2024-11-01 09:26 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-11-01 09:21 - 2022-05-07 06:25 - 000077312 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2024-11-01 09:21 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2024-10-30 19:01 - 2022-12-19 15:37 - 000268568 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2024-10-30 19:01 - 2022-12-19 15:37 - 000220520 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2024-10-30 19:01 - 2022-12-19 15:37 - 000128552 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2024-10-30 19:01 - 2022-12-19 15:37 - 000121864 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2024-10-30 19:01 - 2022-12-19 15:37 - 000087784 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2024-10-30 19:01 - 2022-12-19 15:37 - 000057872 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Abbott.Avi
Visitor
Posts: 29
Joined: 13 Dec 2011 21:41

Re: Request for a log check (high CPU and RAM usage)

#2 Post by Abbott.Avi »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2024
Ran by kolsp (29-11-2024 09:33:57)
Running from C:\Users\kolsp\OneDrive\Plocha
Microsoft Windows 11 Pro Version 23H2 22631.4460 (X64) (2023-04-01 09:04:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-224497037-1159430352-1889776923-500 - Administrator - Disabled)
Alex (S-1-5-21-224497037-1159430352-1889776923-1003 - Limited - Enabled)
DefaultAccount (S-1-5-21-224497037-1159430352-1889776923-503 - Limited - Disabled)
Guest (S-1-5-21-224497037-1159430352-1889776923-501 - Limited - Disabled)
kolsp (S-1-5-21-224497037-1159430352-1889776923-1002 - Administrator - Enabled) => C:\Users\kolsp
scan (S-1-5-21-224497037-1159430352-1889776923-1004 - Limited - Enabled) => C:\Users\scan
WDAGUtilityAccount (S-1-5-21-224497037-1159430352-1889776923-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.004.20272 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC17084FC500}) (Version: 23.008.20421 - Adobe Systems Incorporated)
Doplněk pro vytváření PDF dokumentů z Účta (HKLM-x32\...\Doplněk pro vytváření PDF dokumentů z Účta_is1) (Version: - )
Dynamic Application Loader Host Interface Service (HKLM\...\{5047EF99-2D0B-47B9-88D7-E78348B9CEAB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ESET Security (HKLM\...\{CE7B3B12-4E4F-4ADF-B267-2703AD3AF581}) (Version: 18.0.12.0 - ESET, spol. s r.o.)
Generic Universal PCL (HKLM\...\Generic Universal PCL) (Version: - Generic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.386 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{3FE2DA7E-38D2-48B2-ACD4-C217EFF817D1}) (Version: 10.1.19198.8339 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{8f86005b-e8f2-4524-ace1-eb9c9be88a1a}) (Version: 10.1.19198.8339 - Intel(R) Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2233.3.26.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{5B75F912-9941-4DC6-92E8-D29BDAA3DB74}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{84D68DFE-6152-4086-9689-98176A13D8D0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{7065C5AB-83EF-4C94-920B-5C09067C6881}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{8BB1B6E6-25C3-4B53-A8C4-4EB25E1FD1AB}) (Version: 30.100.2221.20 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2221.20 - Intel Corporation)
IrfanView 4.62 (64-bit) (HKLM\...\IrfanView64) (Version: 4.62 - Irfan Skiljan)
Java 8 Update 431 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180431F0}) (Version: 8.0.4310.10 - Oracle Corporation)
LibreOffice 7.5.2.2 (HKLM\...\{B722792A-A194-4906-97A9-58CA688304E8}) (Version: 7.5.2.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.70 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-224497037-1159430352-1889776923-1002\...\OneDriveSetup.exe) (Version: 24.216.1027.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.9.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 128.5.0 (x64 cs)) (Version: 128.5.0 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9373.1 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Winmail Opener 1.7 (HKLM-x32\...\Winmail Opener) (Version: 1.7 - Eolsoft)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-17] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-11] (INTEL CORP) [Startup Task]
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2024-11-27] (Sparse Package)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-01-26] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2024-04-16] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0 [2024-11-22] (Spotify AB) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2023-04-01] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-224497037-1159430352-1889776923-1002_Classes\CLSID\{0a30c058-dd2d-49b3-84ea-df618c9ea92b}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-224497037-1159430352-1889776923-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-224497037-1159430352-1889776923-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\kolsp\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.28402\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-224497037-1159430352-1889776923-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-224497037-1159430352-1889776923-1002_Classes\CLSID\{D4E30974-F80D-4E70-A90B-CB493B115CE5}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-11-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-11-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-11-06] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_431\bin\ssv.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_431\bin\jp2ssv.dll [2024-09-30] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-224497037-1159430352-1889776923-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\themec\img28.jpg
HKU\S-1-5-21-224497037-1159430352-1889776923-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-224497037-1159430352-1889776923-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_EACF087B84A2D76F0B2C46C28CB4E342"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C0839E82-EA57-454F-859B-84E3DCFA155C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1308.3011.3930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A140B77F-7C1C-47E1-ACD0-3C1AB2B0F978}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1308.3011.3930_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5E34EAB-C9D9-4343-A890-EB397B670500}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{92181D60-4D1E-4C2E-AEBA-283F45ACBBD6}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{45DECD77-F58D-4244-AAF7-43A6F81CFAA5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B590BEC2-B6E0-4DC6-9B1E-7B88F632A737}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{238C2058-60D7-4D8C-88C6-1CF94E615562}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5853AF39-8BAA-4EDB-ABD5-59920F629A88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{30AD96E1-2B23-418C-9846-AFAC3C47B0FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2F11FEB5-FD6C-47F2-8A95-79FCE0180D8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{80613116-9233-48BB-9688-ACF8F81F461E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A6C355AB-1694-42CC-87BB-4DC528FFF9E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C6E4E044-FCEF-4D45-8FC8-A6293703E743}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{97266431-BCBD-466C-A0E5-944DFD8F5B5E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5B2FEF6E-1C13-4702-B896-471487B60C9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.251.345.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{90E6FC6F-5B72-4A5D-B711-F11A89A261EC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

14-11-2024 10:13:45 Windows Update
18-11-2024 09:37:09 Windows Update
22-11-2024 12:50:14 Windows Update
26-11-2024 09:25:27 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/14/2024 10:41:41 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (10/11/2024 09:58:50 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (09/23/2024 05:55:31 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: AcroServicesUpdater2_x64.exe, verze: 0.0.0.0, časové razítko: 0x66e42c00
Název chybujícího modulu: AcroServicesUpdater2_x64.exe, verze: 0.0.0.0, časové razítko: 0x66e42c00
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007407
ID chybujícího procesu: 0x0x2368
Čas spuštění chybující aplikace: 0x0x1db0dd9652dece4
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Adobe\ARM\Execute\20907\AcroServicesUpdater2_x64.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Adobe\ARM\Execute\20907\AcroServicesUpdater2_x64.exe
ID zprávy: 56e1572c-286c-4c91-8474-402862ebb65a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/20/2024 01:26:19 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: AcroServicesUpdater2_x64.exe, verze: 0.0.0.0, časové razítko: 0x66e42c00
Název chybujícího modulu: AcroServicesUpdater2_x64.exe, verze: 0.0.0.0, časové razítko: 0x66e42c00
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007407
ID chybujícího procesu: 0x0x1d08
Čas spuštění chybující aplikace: 0x0x1db0b584b20ee1a
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Adobe\ARM\Execute\6462\AcroServicesUpdater2_x64.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Adobe\ARM\Execute\6462\AcroServicesUpdater2_x64.exe
ID zprávy: db678646-2cf9-4c30-9e60-d5e75247fce2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/18/2024 08:01:26 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.22621.1, časové razítko: 0x3b1bcc5b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff8ed91200f
ID chybujícího procesu: 0x0x2f04
Čas spuštění chybující aplikace: 0x0x1db099893c10d38
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 24768215-70db-4317-9502-ac0ceeece2f1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/18/2024 08:01:26 AM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (09/18/2024 08:01:25 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (09/18/2024 08:01:25 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002


System errors:
=============
Error: (11/28/2024 09:16:15 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.

Error: (11/25/2024 09:14:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PC1H9VN18CM-Microsoft.StartExperiencesApp.

Error: (11/22/2024 12:51:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/22/2024 12:50:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (11/19/2024 01:11:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.

Error: (11/14/2024 10:44:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/14/2024 10:44:40 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (11/14/2024 10:42:35 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: ACPI2


Windows Defender:
================Event[0]

Date: 2023-04-02 14:48:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.1861.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-11-29 09:02:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2024-11-29 08:52:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. FL 11/15/2022
Motherboard: Gigabyte Technology Co., Ltd. H610M S2H DDR4
Processor: 13th Gen Intel(R) Core(TM) i3-13100
Percentage of memory in use: 60%
Total physical RAM: 7964.34 MB
Available physical RAM: 3142.58 MB
Total Virtual: 10022.64 MB
Available Virtual: 2513.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.07 GB) (Free:77.31 GB) (Model: Samsung SSD 970 EVO Plus 250GB) NTFS

\\?\Volume{b893609e-756f-4e2a-b2e8-f513f0ccd8a8}\ () (Fixed) (Total:0.7 GB) (Free:0.1 GB) NTFS
\\?\Volume{c6c50291-a809-4992-8e17-489c3acce888}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 61D8FD35)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118807
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log (high CPU and RAM usage)

#3 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752216 2024-09-30] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End
Save it to C:\Users\kolsp\OneDrive\Plocha as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
