VIRY.CZ

Prosím o kontrolu logu, naskakuje tato hláška viz. odkaz: https://uloz.to/file/grvzv1l3shVR/img-2 ... 212332-jpg

addition: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2021
Ran by PC1 (22-01-2021 22:48:15)
Running from C:\Users\PC1\Downloads
Windows 10 Home Version 2004 19041.508 (X64) (2020-09-01 16:15:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3621340843-3382866814-1888067393-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621340843-3382866814-1888067393-503 - Limited - Disabled)
Guest (S-1-5-21-3621340843-3382866814-1888067393-501 - Limited - Disabled)
PC1 (S-1-5-21-3621340843-3382866814-1888067393-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3621340843-3382866814-1888067393-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.44.2.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-25] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Star Wars: Commander -> C:\Program Files\WindowsApps\Disney.StarWarsCommander_4.9.0.3_x86__6rarf9sa4v8jt [2017-05-10] (Disney)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe [2020-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download

==================== Loaded Modules (Whitelisted) =============

2020-09-11 13:42 - 2020-09-11 13:42 - 000566272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\usosvc.dll
2020-09-11 13:43 - 2020-09-11 13:43 - 003384832 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng.dll
2020-09-11 13:17 - 2020-09-05 19:21 - 001711104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_faefa4f37613d18e\gdiplus.dll
2020-09-11 13:17 - 2020-09-05 19:00 - 001449472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94\gdiplus.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-07-09 18:20 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2016-03-11 09:38 - 2016-10-02 21:50 - 000000429 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 pc.mshome.net # 2021 3 3 10 8 38 25 315

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\Pictures\2007-04\DSCF4542.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B9F8EF43-3AD1-4556-AC82-08BD90F64216}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{7CC70521-B49B-4750-AF96-D6FA6A2D7F81}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{F2A9C531-0840-4252-A999-F729FA75E882}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{17883264-F0BC-4E87-BD21-8B8728F3EAD3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{B6A67B15-3612-409E-9C60-FF871A517BC2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{CFE035C3-2741-441E-AD8A-DFF1EFBDCDFB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{2C6628DF-9D60-4113-8EEF-941D344B047C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{5D3002CA-4E67-4CF2-998A-A77C92B46CC3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{0E391492-65DB-4481-98ED-EBFD2D49BBF1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
FirewallRules: [{01FF3F81-FD40-43A6-A80F-BF23ACD5A769}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
FirewallRules: [{92F45B22-EB60-4EDC-A923-1C4E2E38F9A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{6F2DB46D-3622-4C21-A8E3-E1D126FB96A0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{438417F8-0160-410A-AFED-BFF44655C361}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{6E7CC2B7-C7D2-4E0F-9C3F-A31847874852}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{85CB6F12-533E-4A0A-B367-BE001655AD30}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{82D659CD-FCA4-40A0-AD76-F6FB16869E3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{C7B6C0B1-FCC6-498B-BCFF-336349AD329B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{06D51ED3-9979-4F3D-B249-9277AC5E28C7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{01A8826E-065D-4E15-BA79-1D972E26E9CD}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{30E8ABD7-F29C-4BDA-8EA7-3CE18954E8DA}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{3104E404-ABE8-4787-8D64-37DAFC793050}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{3B5E562A-6E7F-41B2-95A6-8457B445B9F1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{B993B544-30AC-424F-9A75-3614403D2F5C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B0F928F-4367-46C4-8501-FA952ED8E9A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{468C6B7A-C61D-4688-BADA-AD246073885D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE5D1FA6-1F12-4AB9-B120-8C601104D56F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA4DC3C4-CCDE-4E26-87E8-7C01EB39ADF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{B6594DBD-DA02-43D0-8B47-3DD99E6A6ED4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6EFB80F9-1F50-4BB4-AD9F-97974791B473}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{80478B5E-DA53-4F5A-8090-9236D5E754DB}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{42336124-C418-4217-8000-0DDD234B24B4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CB6ED37-9B41-4083-A7E7-9D269CBDD465}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-01-2021 09:45:06 Naplánovaný kontrolní bod
14-01-2021 11:55:43 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/22/2021 10:51:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1bdc

Čas spuštění: 01d6f0f728503c57

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 7ba54bc6-b615-41be-a8ac-ab72f14ed752

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Quiesce

Error: (01/22/2021 10:27:09 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/22/2021 09:26:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LockApp.exe verze 10.0.19041.423 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 25a0

Čas spuštění: 01d6f0f955e6a3bf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

ID hlášení: e66f6a68-5852-4c28-b30c-4de4547074ec

Úplný název balíčku s chybou: Microsoft.LockApp_10.0.19041.423_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: WindowsDefaultLockScreen

Typ zablokování: Navigation

Error: (01/19/2021 08:35:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Acer (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/13/2021 12:26:18 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Acer (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/13/2021 11:13:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_Audiosrv, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.546, časové razítko: 0x5b56177b
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a3608
ID chybujícího procesu: 0x9ac
Čas spuštění chybující aplikace: 0x01d6e981caa43ce3
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 2eafefba-9b0e-4b5b-b87b-30d79d95892c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/12/2021 07:54:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: NotificationController.dll, verze: 10.0.19041.488, časové razítko: 0xf534a604
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000024a7b
ID chybujícího procesu: 0x1fdc
Čas spuštění chybující aplikace: 0x01d6e8afbc7e4afc
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 30b81431-1726-4fbe-988d-ae33e496e15f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2021 08:12:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Cortana.exe verze 2.2009.2711.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2890

Čas spuštění: 01d6e4c46a3446e0

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe

ID hlášení: 3325ece5-d773-43cc-ab0d-8c040ff161e0

Úplný název balíčku s chybou: Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce


System errors:
=============
Error: (01/22/2021 10:45:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2021-01 Kumulativní aktualizace pro Windows 10 Version 2004 pro systémy typu x64 (KB4598242).

Error: (01/22/2021 10:45:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2020-11 Aktualizace pro Windows 10 Version 2004 pro systémy typu x64 (KB4023057).

Error: (01/22/2021 10:45:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.329.2656.0).

Error: (01/22/2021 10:44:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2021-01, kumulativní aktualizace pro .NET Framework 3.5 a 4.8 pro Windows 10 Version 2004 pro x64 (KB4586876).

Error: (01/22/2021 10:44:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Nástroj k odstranění škodlivého softwaru v systému Windows, verze pro procesory x64 – v5.85 (KB890830).

Error: (01/22/2021 10:39:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.329.2656.0).

Error: (01/22/2021 10:32:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.329.2654.0).

Error: (01/22/2021 10:31:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.329.2654.0).


Windows Defender:
===================================
Date: 2021-01-22 08:42:02.3360000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0E196009-AECC-4E0A-B0F9-FC582E13EE73}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-19 20:09:02.5150000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A1EF6D6-CB77-46CA-8926-9ED452DBC98D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-19 07:50:24.3390000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D5DCFF01-CB33-4743-AA8F-22F4984CBCD4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-17 20:17:31.2720000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BFF855DC-98B0-4923-8AD9-3EED82C7DA08}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-16 21:01:43.2290000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A6C25574-0C9B-4EA3-9FCC-0A155CA128AC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-22 22:39:06.4320000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

Date: 2021-01-22 22:32:55.0760000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

Date: 2021-01-22 22:31:29.9620000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

Date: 2021-01-22 21:50:06.2920000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-01-22 20:55:29.1590000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

==================== Memory info ===========================

BIOS: Insyde Corp. V1.10 12/15/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 86%
Total physical RAM: 3977.98 MB
Available physical RAM: 546.48 MB
Total Virtual: 7733.88 MB
Available Virtual: 3131.07 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.63 GB) (Free:396.49 GB) NTFS

\\?\Volume{414dccc3-71f7-4d72-b174-4e9bcbfbbdb4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{20b6bdd9-f4d3-46ad-8a0e-df9d1f7349ff}\ (Push Button Reset) (Fixed) (Total:15.13 GB) (Free:2.05 GB) NTFS
\\?\Volume{c6fbe306-b887-45be-928c-50c805635f87}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ADAB34DE)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2021
Ran by PC1 (administrator) on PC (Acer Aspire ES1-512) (22-01-2021 22:41:51)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Platform: Windows 10 Home Version 2004 19041.508 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PC1\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\PC1\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-02-24]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03F6CBEC-ED3B-44F9-A54C-FA29852B40E3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0C5D04A1-B36E-4F9D-82C0-CA730F1DAB29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E5967DC-6B89-46A5-8CCE-DB77EA166233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {19BA59BC-BF86-4515-8171-D5ABA93D6E90} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {23BADF0E-668C-4C10-90B9-AE6727B4879A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {30A1BAAF-29FE-4F7A-A761-BC65F74C1EB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {325E65FC-C889-4174-B70A-1BA61E32C33A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3786972A-C67A-4519-B167-082A6B690463} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {53C0C257-7B3C-43E3-91BD-72835627AF7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {6A2CFE04-EACF-4B3E-97A7-0240555EBACE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70F38D9C-851C-4337-A093-9101F931AE67} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {79FFF4F9-349F-496B-AAEC-28FEA05C5682} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {85EE7EFE-FBC8-46A1-B68C-032920DF65CB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {86BB18D0-8E2A-4B8A-94FB-650491D63458} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-17] (Acer Incorporated -> Acer Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {886618AC-8186-46A3-9FD5-F7E94C532D26} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {8ED9545E-057D-4FE7-8A43-520EC7E9F671} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A73D91F0-A237-4877-A104-B762434A1062} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AC295934-0929-46CE-AB3D-9BF8B2CC6DF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF3D53FA-56AF-44AB-A042-66B14F390B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B19C90E4-E2E0-4981-9048-47C15AF39C1C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9D76858-C4B4-432B-9D75-94CFB9234AB0} - \WPD\SqmUpload_S-1-5-21-3621340843-3382866814-1888067393-1001 -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D0C8AD33-F793-4C59-B277-AD0053DD9BEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D3E7A086-3886-44E3-925D-532436F4D53E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DFA9C9A0-E1DB-4D2A-8EF8-AFF10E8DD84F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {E128A530-E9B5-48CB-991B-30D13B013818} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E181831A-B195-47A6-A234-9BBD96111346} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E5ED99A9-BFDE-414E-8B41-A783FE6BC852} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F00C49B7-77D6-426B-A90B-EE919FC52420} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{112a3ec0-ef5e-446f-89a2-54e2798b749d}: [DhcpNameServer] 84.16.120.1 84.16.96.2
Tcpip\..\Interfaces\{f2bfa094-9f8f-4b44-8357-107c4699269f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-15]
Edge StartupUrls: Default -> "hxxps://seznam.cz/"

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2021-01-22]
CHR Notifications: Default -> hxxps://brnensky.denik.cz; hxxps://ruvid.net; hxxps://web.skype.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12]
CHR Extension: (Vyhledávání Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-12]
CHR Extension: (Tabulky) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-22]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-22]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DoSvc; C:\WINDOWS\system32\dosvc.dll [1492480 2020-09-11] (Microsoft Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [566272 2020-09-11] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [3384832 2020-09-11] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
R3 MpKsl38b54861; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C7EE06B8-1B26-46BE-A4A6-3D8EC661BB1B}\MpKslDrv.sys [91376 2021-01-22] (Microsoft Windows -> Microsoft Corporation)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-22 22:41 - 2021-01-22 22:44 - 000015916 _____ C:\Users\PC1\Downloads\FRST.txt
2021-01-22 22:41 - 2021-01-22 22:43 - 000000000 ____D C:\FRST
2021-01-22 22:14 - 2021-01-22 22:15 - 002296320 _____ (Farbar) C:\Users\PC1\Downloads\FRST64.exe
2021-01-22 19:49 - 2021-01-22 19:49 - 000000000 ____D C:\Users\PC1\AppData\Local\mbam
2021-01-22 19:47 - 2021-01-22 19:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-22 19:45 - 2021-01-22 19:45 - 000000000 ____D C:\Program Files\Malwarebytes

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-22 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-22 22:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-22 22:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-22 22:09 - 2020-09-01 16:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-22 20:18 - 2015-01-17 04:53 - 000000000 ____D C:\Program Files\Booking.COM
2021-01-22 19:17 - 2016-02-24 19:36 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-22 19:17 - 2016-02-24 19:36 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-22 19:11 - 2016-01-28 05:07 - 000000000 __SHD C:\Users\PC1\IntelGraphicsProfiles
2021-01-19 16:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-18 07:18 - 2020-09-01 17:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-18 07:18 - 2020-09-01 17:14 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-13 14:46 - 2020-09-01 16:37 - 000000000 ____D C:\Users\PC1
2021-01-13 08:57 - 2020-09-01 17:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-13 08:57 - 2020-09-01 16:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-11 08:30 - 2020-06-06 20:47 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-11 08:30 - 2020-06-06 20:47 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-11 08:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-11 08:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-28 19:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-12-27 15:54 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI

==================== Files in the root of some directories ========

2016-11-27 09:41 - 2016-11-27 09:41 - 000000000 _____ () C:\Users\PC1\AppData\Local\{533362CA-CA49-435B-8BD3-BE710345CFB6}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Spustit skenovani a pockaj na dokoncenie
• V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
• V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
• Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

Taky zdravím, odkaz na soft se nechce otevrit. Jine stranky se nacitaji.
Tento web není dostupnýOdpověď webu toolslib.net trvala příliš dlouho.
Zkuste:

Zkontrolovat připojení
Zkontrolovat proxy server a firewall
Spustit Diagnostiku sítě systému Windows
ERR_CONNECTION_TIMED_OUT

Je mozne, ze mali vypadok, kazdopadne teraz by to malo fungovat. Skus este raz, a ak stale nepojde, tak skus stiahnut AdwCleaner z tohto odkazu: https://downloads.malwarebytes.com/file/adwcleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-22-2021
# Duration: 00:00:14
# OS: Windows 10 Home
# Cleaned: 16
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Booking.com
Deleted C:\Users\Public\Pokki

***** [ Files ] *****

Deleted C:\Users\PC1\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}
Deleted Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Deleted Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{978724F6-1863-4DD5-9E66-FB77F5AB5613}
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3029 octets] - [22/01/2021 23:28:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-22-2021
# Duration: 00:01:06
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 16


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\Users\Public\Pokki
PUP.Optional.Booking C:\Program Files\Booking.com

***** [ Files ] *****

PUP.Optional.Booking C:\Users\PC1\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.pokki HKCU\Software\Classes\pokki

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{978724F6-1863-4DD5-9E66-FB77F5AB5613}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

OK, poprosim nove logy z FRST. Este otazka, udeje sa nieco po kliknuti na danu hlasku (napr. otvori sa nejaka webova stranka)?

Pokud na to kliknu otevre se nejaka varianta na youtube v azbuce ruvid.net

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2021
Ran by PC1 (23-01-2021 00:02:17)
Running from C:\Users\PC1\Downloads
Windows 10 Home Version 2004 19041.508 (X64) (2020-09-01 16:15:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3621340843-3382866814-1888067393-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621340843-3382866814-1888067393-503 - Limited - Disabled)
Guest (S-1-5-21-3621340843-3382866814-1888067393-501 - Limited - Disabled)
PC1 (S-1-5-21-3621340843-3382866814-1888067393-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3621340843-3382866814-1888067393-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.104 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.44.2.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-25] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Star Wars: Commander -> C:\Program Files\WindowsApps\Disney.StarWarsCommander_4.9.0.3_x86__6rarf9sa4v8jt [2017-05-10] (Disney)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe [2020-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download

==================== Loaded Modules (Whitelisted) =============

2020-05-01 09:23 - 2020-05-01 09:23 - 000774656 _____ () [File not signed] [File is in use] C:\Users\PC1\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2020-05-01 09:23 - 2020-05-01 09:23 - 001184256 _____ () [File not signed] [File is in use] C:\Users\PC1\AppData\Local\Facebook\Games\CefSharp.Core.dll
2020-05-01 09:23 - 2020-05-01 09:23 - 071641088 _____ () [File not signed] C:\Users\PC1\AppData\Local\Facebook\Games\libcef.dll
2020-05-01 09:23 - 2020-05-01 09:23 - 000078848 _____ () [File not signed] C:\Users\PC1\AppData\Local\Facebook\Games\libegl.dll
2020-05-01 09:23 - 2020-05-01 09:23 - 003149824 _____ () [File not signed] C:\Users\PC1\AppData\Local\Facebook\Games\libglesv2.dll
2020-09-11 13:42 - 2020-09-11 13:42 - 000566272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\usosvc.dll
2020-09-11 13:17 - 2020-09-05 19:21 - 001711104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_faefa4f37613d18e\gdiplus.dll
2020-09-11 13:17 - 2020-09-05 19:00 - 001449472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94\gdiplus.dll
2020-05-01 09:23 - 2020-05-01 09:23 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\PC1\AppData\Local\Facebook\Games\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-07-09 18:20 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2016-03-11 09:38 - 2016-10-02 21:50 - 000000429 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 pc.mshome.net # 2021 3 3 10 8 38 25 315

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\Pictures\2007-04\DSCF4542.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B9F8EF43-3AD1-4556-AC82-08BD90F64216}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{7CC70521-B49B-4750-AF96-D6FA6A2D7F81}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{F2A9C531-0840-4252-A999-F729FA75E882}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{17883264-F0BC-4E87-BD21-8B8728F3EAD3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{B6A67B15-3612-409E-9C60-FF871A517BC2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{CFE035C3-2741-441E-AD8A-DFF1EFBDCDFB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{2C6628DF-9D60-4113-8EEF-941D344B047C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{5D3002CA-4E67-4CF2-998A-A77C92B46CC3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{0E391492-65DB-4481-98ED-EBFD2D49BBF1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
FirewallRules: [{01FF3F81-FD40-43A6-A80F-BF23ACD5A769}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
FirewallRules: [{92F45B22-EB60-4EDC-A923-1C4E2E38F9A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{6F2DB46D-3622-4C21-A8E3-E1D126FB96A0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{438417F8-0160-410A-AFED-BFF44655C361}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{6E7CC2B7-C7D2-4E0F-9C3F-A31847874852}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{85CB6F12-533E-4A0A-B367-BE001655AD30}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{82D659CD-FCA4-40A0-AD76-F6FB16869E3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{C7B6C0B1-FCC6-498B-BCFF-336349AD329B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{06D51ED3-9979-4F3D-B249-9277AC5E28C7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{01A8826E-065D-4E15-BA79-1D972E26E9CD}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{30E8ABD7-F29C-4BDA-8EA7-3CE18954E8DA}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{3104E404-ABE8-4787-8D64-37DAFC793050}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{3B5E562A-6E7F-41B2-95A6-8457B445B9F1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{B993B544-30AC-424F-9A75-3614403D2F5C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B0F928F-4367-46C4-8501-FA952ED8E9A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{468C6B7A-C61D-4688-BADA-AD246073885D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE5D1FA6-1F12-4AB9-B120-8C601104D56F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA4DC3C4-CCDE-4E26-87E8-7C01EB39ADF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{B6594DBD-DA02-43D0-8B47-3DD99E6A6ED4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6EFB80F9-1F50-4BB4-AD9F-97974791B473}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{80478B5E-DA53-4F5A-8090-9236D5E754DB}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{42336124-C418-4217-8000-0DDD234B24B4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2CB6ED37-9B41-4083-A7E7-9D269CBDD465}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

05-01-2021 09:45:06 Naplánovaný kontrolní bod
14-01-2021 11:55:43 Naplánovaný kontrolní bod
22-01-2021 23:30:00 AdwCleaner_BeforeCleaning_22/01/2021_23:29:59

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/22/2021 11:32:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/22/2021 11:32:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/22/2021 11:32:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/22/2021 11:32:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/22/2021 10:51:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1bdc

Čas spuštění: 01d6f0f728503c57

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 7ba54bc6-b615-41be-a8ac-ab72f14ed752

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Quiesce

Error: (01/22/2021 10:27:09 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (01/22/2021 09:26:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LockApp.exe verze 10.0.19041.423 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 25a0

Čas spuštění: 01d6f0f955e6a3bf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

ID hlášení: e66f6a68-5852-4c28-b30c-4de4547074ec

Úplný název balíčku s chybou: Microsoft.LockApp_10.0.19041.423_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: WindowsDefaultLockScreen

Typ zablokování: Navigation

Error: (01/19/2021 08:35:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Acer (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (01/22/2021 11:45:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.329.2656.0).

Error: (01/22/2021 11:32:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AtherosSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/22/2021 11:32:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/22/2021 11:32:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/22/2021 11:32:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/22/2021 10:45:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2021-01 Kumulativní aktualizace pro Windows 10 Version 2004 pro systémy typu x64 (KB4598242).

Error: (01/22/2021 10:45:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2020-11 Aktualizace pro Windows 10 Version 2004 pro systémy typu x64 (KB4023057).

Error: (01/22/2021 10:45:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.329.2656.0).


Windows Defender:
===================================
Date: 2021-01-22 23:46:35.5990000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4AC308AA-9AF2-40E7-A023-00050984C1FC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-22 08:42:02.3360000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0E196009-AECC-4E0A-B0F9-FC582E13EE73}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-19 20:09:02.5150000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5A1EF6D6-CB77-46CA-8926-9ED452DBC98D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-19 07:50:24.3390000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D5DCFF01-CB33-4743-AA8F-22F4984CBCD4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-17 20:17:31.2720000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BFF855DC-98B0-4923-8AD9-3EED82C7DA08}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-22 23:45:27.7130000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

Date: 2021-01-22 22:39:06.4320000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

Date: 2021-01-22 22:32:55.0760000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

Date: 2021-01-22 22:31:29.9620000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní

Date: 2021-01-22 21:50:06.2920000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2557.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.10 12/15/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 73%
Total physical RAM: 3977.98 MB
Available physical RAM: 1047.12 MB
Total Virtual: 6025.98 MB
Available Virtual: 2313.32 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:449.63 GB) (Free:397.55 GB) NTFS

\\?\Volume{414dccc3-71f7-4d72-b174-4e9bcbfbbdb4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{20b6bdd9-f4d3-46ad-8a0e-df9d1f7349ff}\ (Push Button Reset) (Fixed) (Total:15.13 GB) (Free:2.05 GB) NTFS
\\?\Volume{c6fbe306-b887-45be-928c-50c805635f87}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ADAB34DE)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2021
Ran by PC1 (administrator) on PC (Acer Aspire ES1-512) (22-01-2021 23:57:10)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Platform: Windows 10 Home Version 2004 19041.508 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Facebook, Inc. -> Facebook) C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Facebook, Inc. -> The CefSharp Authors) C:\Users\PC1\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\PC1\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\PC1\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.104\Installer\chrmstp.exe [2021-01-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-02-24]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Startup: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03F6CBEC-ED3B-44F9-A54C-FA29852B40E3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0C5D04A1-B36E-4F9D-82C0-CA730F1DAB29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0E5967DC-6B89-46A5-8CCE-DB77EA166233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {19BA59BC-BF86-4515-8171-D5ABA93D6E90} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {23BADF0E-668C-4C10-90B9-AE6727B4879A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {30A1BAAF-29FE-4F7A-A761-BC65F74C1EB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {325E65FC-C889-4174-B70A-1BA61E32C33A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3786972A-C67A-4519-B167-082A6B690463} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {53C0C257-7B3C-43E3-91BD-72835627AF7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {6A2CFE04-EACF-4B3E-97A7-0240555EBACE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70F38D9C-851C-4337-A093-9101F931AE67} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {79FFF4F9-349F-496B-AAEC-28FEA05C5682} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {85EE7EFE-FBC8-46A1-B68C-032920DF65CB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {86BB18D0-8E2A-4B8A-94FB-650491D63458} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-17] (Acer Incorporated -> Acer Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {886618AC-8186-46A3-9FD5-F7E94C532D26} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {8ED9545E-057D-4FE7-8A43-520EC7E9F671} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A73D91F0-A237-4877-A104-B762434A1062} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {AC295934-0929-46CE-AB3D-9BF8B2CC6DF4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF3D53FA-56AF-44AB-A042-66B14F390B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B19C90E4-E2E0-4981-9048-47C15AF39C1C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9D76858-C4B4-432B-9D75-94CFB9234AB0} - \WPD\SqmUpload_S-1-5-21-3621340843-3382866814-1888067393-1001 -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D0C8AD33-F793-4C59-B277-AD0053DD9BEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {D3E7A086-3886-44E3-925D-532436F4D53E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DFA9C9A0-E1DB-4D2A-8EF8-AFF10E8DD84F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {E128A530-E9B5-48CB-991B-30D13B013818} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E181831A-B195-47A6-A234-9BBD96111346} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E5ED99A9-BFDE-414E-8B41-A783FE6BC852} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {F00C49B7-77D6-426B-A90B-EE919FC52420} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{112a3ec0-ef5e-446f-89a2-54e2798b749d}: [DhcpNameServer] 84.16.120.1 84.16.96.2
Tcpip\..\Interfaces\{f2bfa094-9f8f-4b44-8357-107c4699269f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-22]
Edge StartupUrls: Default -> "hxxps://seznam.cz/"

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2021-01-22]
CHR Notifications: Default -> hxxps://brnensky.denik.cz; hxxps://ruvid.net; hxxps://web.skype.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-12]
CHR Extension: (Vyhledávání Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-12]
CHR Extension: (Tabulky) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-22]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-22]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DoSvc; C:\WINDOWS\system32\dosvc.dll [1492480 2020-09-11] (Microsoft Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [566272 2020-09-11] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [3384832 2020-09-11] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl38b54861; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C7EE06B8-1B26-46BE-A4A6-3D8EC661BB1B}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-22 23:25 - 2021-01-22 23:32 - 000000000 ____D C:\AdwCleaner
2021-01-22 23:21 - 2021-01-22 23:21 - 008447152 _____ (Malwarebytes) C:\Users\PC1\Downloads\AdwCleaner.exe
2021-01-22 22:48 - 2021-01-22 22:53 - 000031307 _____ C:\Users\PC1\Downloads\Addition.txt
2021-01-22 22:41 - 2021-01-23 00:00 - 000015424 _____ C:\Users\PC1\Downloads\FRST.txt
2021-01-22 22:41 - 2021-01-22 23:58 - 000000000 ____D C:\FRST
2021-01-22 22:14 - 2021-01-22 22:15 - 002296320 _____ (Farbar) C:\Users\PC1\Downloads\FRST64.exe
2021-01-22 19:49 - 2021-01-22 19:49 - 000000000 ____D C:\Users\PC1\AppData\Local\mbam
2021-01-22 19:47 - 2021-01-22 19:47 - 000000000 ____D C:\ProgramData\Malwarebytes

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-22 23:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-22 23:35 - 2016-01-28 05:07 - 000000000 __SHD C:\Users\PC1\IntelGraphicsProfiles
2021-01-22 23:34 - 2020-09-01 17:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-22 23:34 - 2020-09-01 16:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-22 23:33 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-22 23:32 - 2014-07-25 10:32 - 000000000 ____D C:\ProgramData\acer
2021-01-22 23:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-22 22:47 - 2020-09-01 16:55 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-22 22:47 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-22 22:47 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-22 22:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-22 22:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-22 22:09 - 2020-09-01 16:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-22 19:17 - 2016-02-24 19:36 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-22 19:17 - 2016-02-24 19:36 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-19 16:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-18 07:18 - 2020-09-01 17:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-18 07:18 - 2020-09-01 17:14 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-13 14:46 - 2020-09-01 16:37 - 000000000 ____D C:\Users\PC1
2021-01-11 08:30 - 2020-06-06 20:47 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-11 08:30 - 2020-06-06 20:47 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-11 08:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-11 08:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness

==================== Files in the root of some directories ========

2016-11-27 09:41 - 2016-11-27 09:41 - 000000000 _____ () C:\Users\PC1\AppData\Local\{533362CA-CA49-435B-8BD3-BE710345CFB6}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  CMD: dsregcmd /status
  
  HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
  Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-02-24]
  ShortcutTarget: $McRebootA5E6DEAA56$.lnk ->  (No File)
  Task: {03F6CBEC-ED3B-44F9-A54C-FA29852B40E3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
  Task: {19BA59BC-BF86-4515-8171-D5ABA93D6E90} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  Task: {23BADF0E-668C-4C10-90B9-AE6727B4879A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
  Task: {3786972A-C67A-4519-B167-082A6B690463} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
  Task: {79FFF4F9-349F-496B-AAEC-28FEA05C5682} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
  Task: {85EE7EFE-FBC8-46A1-B68C-032920DF65CB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
  Task: {8ED9545E-057D-4FE7-8A43-520EC7E9F671} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
  Task: {A73D91F0-A237-4877-A104-B762434A1062} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
  Task: {B19C90E4-E2E0-4981-9048-47C15AF39C1C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
  Task: {B9D76858-C4B4-432B-9D75-94CFB9234AB0} - \WPD\SqmUpload_S-1-5-21-3621340843-3382866814-1888067393-1001 -> No File <==== ATTENTION
  Task: {D0C8AD33-F793-4C59-B277-AD0053DD9BEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
  Task: {E128A530-E9B5-48CB-991B-30D13B013818} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
  Task: {E181831A-B195-47A6-A234-9BBD96111346} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
  Task: {E5ED99A9-BFDE-414E-8B41-A783FE6BC852} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
  CHR Notifications: Default -> hxxps://brnensky.denik.cz; hxxps://ruvid.net; hxxps://web.skype.com; hxxps://www.facebook.com
  S3 MpKsl38b54861; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C7EE06B8-1B26-46BE-A4A6-3D8EC661BB1B}\MpKslDrv.sys [X]
  2016-11-27 09:41 - 2016-11-27 09:41 - 000000000 _____ () C:\Users\PC1\AppData\Local\{533362CA-CA49-435B-8BD3-BE710345CFB6}
  CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
  ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  FirewallRules: [{B9F8EF43-3AD1-4556-AC82-08BD90F64216}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{7CC70521-B49B-4750-AF96-D6FA6A2D7F81}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{F2A9C531-0840-4252-A999-F729FA75E882}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{17883264-F0BC-4E87-BD21-8B8728F3EAD3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{B6A67B15-3612-409E-9C60-FF871A517BC2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{CFE035C3-2741-441E-AD8A-DFF1EFBDCDFB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{2C6628DF-9D60-4113-8EEF-941D344B047C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{5D3002CA-4E67-4CF2-998A-A77C92B46CC3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{0E391492-65DB-4481-98ED-EBFD2D49BBF1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
  FirewallRules: [{01FF3F81-FD40-43A6-A80F-BF23ACD5A769}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
  FirewallRules: [{92F45B22-EB60-4EDC-A923-1C4E2E38F9A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{6F2DB46D-3622-4C21-A8E3-E1D126FB96A0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{438417F8-0160-410A-AFED-BFF44655C361}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{6E7CC2B7-C7D2-4E0F-9C3F-A31847874852}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{85CB6F12-533E-4A0A-B367-BE001655AD30}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{82D659CD-FCA4-40A0-AD76-F6FB16869E3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
  FirewallRules: [{C7B6C0B1-FCC6-498B-BCFF-336349AD329B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{06D51ED3-9979-4F3D-B249-9277AC5E28C7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
  FirewallRules: [{01A8826E-065D-4E15-BA79-1D972E26E9CD}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
  FirewallRules: [{30E8ABD7-F29C-4BDA-8EA7-3CE18954E8DA}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
  FirewallRules: [{3104E404-ABE8-4787-8D64-37DAFC793050}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
  FirewallRules: [{3B5E562A-6E7F-41B2-95A6-8457B445B9F1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
  FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
  FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
  FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
  FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
  FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
  FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
  FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
  FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
  FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
  FirewallRules: [TCP Query User{B6594DBD-DA02-43D0-8B47-3DD99E6A6ED4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  FirewallRules: [UDP Query User{6EFB80F9-1F50-4BB4-AD9F-97974791B473}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  FirewallRules: [TCP Query User{80478B5E-DA53-4F5A-8090-9236D5E754DB}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  FirewallRules: [UDP Query User{42336124-C418-4217-8000-0DDD234B24B4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
  
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah skopiruj a vloz do dalsej odpovede

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-01-2021
Ran by PC1 (23-01-2021 01:11:12) Run:1
Running from C:\Users\PC1\Desktop
Loaded Profiles: PC1
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: dsregcmd /status

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-02-24]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {03F6CBEC-ED3B-44F9-A54C-FA29852B40E3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {19BA59BC-BF86-4515-8171-D5ABA93D6E90} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {23BADF0E-668C-4C10-90B9-AE6727B4879A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3786972A-C67A-4519-B167-082A6B690463} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {79FFF4F9-349F-496B-AAEC-28FEA05C5682} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {85EE7EFE-FBC8-46A1-B68C-032920DF65CB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8ED9545E-057D-4FE7-8A43-520EC7E9F671} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A73D91F0-A237-4877-A104-B762434A1062} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B19C90E4-E2E0-4981-9048-47C15AF39C1C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B9D76858-C4B4-432B-9D75-94CFB9234AB0} - \WPD\SqmUpload_S-1-5-21-3621340843-3382866814-1888067393-1001 -> No File <==== ATTENTION
Task: {D0C8AD33-F793-4C59-B277-AD0053DD9BEF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E128A530-E9B5-48CB-991B-30D13B013818} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E181831A-B195-47A6-A234-9BBD96111346} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E5ED99A9-BFDE-414E-8B41-A783FE6BC852} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
CHR Notifications: Default -> hxxps://brnensky.denik.cz; hxxps://ruvid.net; hxxps://web.skype.com; hxxps://www.facebook.com
S3 MpKsl38b54861; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C7EE06B8-1B26-46BE-A4A6-3D8EC661BB1B}\MpKslDrv.sys [X]
2016-11-27 09:41 - 2016-11-27 09:41 - 000000000 _____ () C:\Users\PC1\AppData\Local\{533362CA-CA49-435B-8BD3-BE710345CFB6}
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{B9F8EF43-3AD1-4556-AC82-08BD90F64216}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{7CC70521-B49B-4750-AF96-D6FA6A2D7F81}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{F2A9C531-0840-4252-A999-F729FA75E882}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{17883264-F0BC-4E87-BD21-8B8728F3EAD3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{B6A67B15-3612-409E-9C60-FF871A517BC2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{CFE035C3-2741-441E-AD8A-DFF1EFBDCDFB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{2C6628DF-9D60-4113-8EEF-941D344B047C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{5D3002CA-4E67-4CF2-998A-A77C92B46CC3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{0E391492-65DB-4481-98ED-EBFD2D49BBF1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
FirewallRules: [{01FF3F81-FD40-43A6-A80F-BF23ACD5A769}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe => No File
FirewallRules: [{92F45B22-EB60-4EDC-A923-1C4E2E38F9A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{6F2DB46D-3622-4C21-A8E3-E1D126FB96A0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{438417F8-0160-410A-AFED-BFF44655C361}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{6E7CC2B7-C7D2-4E0F-9C3F-A31847874852}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{85CB6F12-533E-4A0A-B367-BE001655AD30}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{82D659CD-FCA4-40A0-AD76-F6FB16869E3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe => No File
FirewallRules: [{C7B6C0B1-FCC6-498B-BCFF-336349AD329B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{06D51ED3-9979-4F3D-B249-9277AC5E28C7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe => No File
FirewallRules: [{01A8826E-065D-4E15-BA79-1D972E26E9CD}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{30E8ABD7-F29C-4BDA-8EA7-3CE18954E8DA}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{3104E404-ABE8-4787-8D64-37DAFC793050}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{3B5E562A-6E7F-41B2-95A6-8457B445B9F1}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe => No File
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe => No File
FirewallRules: [TCP Query User{B6594DBD-DA02-43D0-8B47-3DD99E6A6ED4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6EFB80F9-1F50-4BB4-AD9F-97974791B473}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{80478B5E-DA53-4F5A-8090-9236D5E754DB}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{42336124-C418-4217-8000-0DDD234B24B4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 9
Average :
Sum : 2343487
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========= dsregcmd /status =========


+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+

AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : NO
Device Name : pc

+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+

NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : NO

+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+

AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO

+----------------------------------------------------------------------+
| IE Proxy Config for Current User |
+----------------------------------------------------------------------+

Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :

+----------------------------------------------------------------------+
| WinHttp Default Proxy Config |
+----------------------------------------------------------------------+

Access Type : DIRECT

+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+

IsDeviceJoined : NO
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision

For more information, please visit https://www.microsoft.com/aadjerrors
========= End of CMD: =========

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk => moved successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03F6CBEC-ED3B-44F9-A54C-FA29852B40E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03F6CBEC-ED3B-44F9-A54C-FA29852B40E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{19BA59BC-BF86-4515-8171-D5ABA93D6E90}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19BA59BC-BF86-4515-8171-D5ABA93D6E90}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23BADF0E-668C-4C10-90B9-AE6727B4879A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23BADF0E-668C-4C10-90B9-AE6727B4879A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3786972A-C67A-4519-B167-082A6B690463}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3786972A-C67A-4519-B167-082A6B690463}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79FFF4F9-349F-496B-AAEC-28FEA05C5682}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79FFF4F9-349F-496B-AAEC-28FEA05C5682}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85EE7EFE-FBC8-46A1-B68C-032920DF65CB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85EE7EFE-FBC8-46A1-B68C-032920DF65CB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8ED9545E-057D-4FE7-8A43-520EC7E9F671}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8ED9545E-057D-4FE7-8A43-520EC7E9F671}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A73D91F0-A237-4877-A104-B762434A1062}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A73D91F0-A237-4877-A104-B762434A1062}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B19C90E4-E2E0-4981-9048-47C15AF39C1C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B19C90E4-E2E0-4981-9048-47C15AF39C1C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9D76858-C4B4-432B-9D75-94CFB9234AB0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9D76858-C4B4-432B-9D75-94CFB9234AB0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3621340843-3382866814-1888067393-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0C8AD33-F793-4C59-B277-AD0053DD9BEF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0C8AD33-F793-4C59-B277-AD0053DD9BEF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E128A530-E9B5-48CB-991B-30D13B013818}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E128A530-E9B5-48CB-991B-30D13B013818}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E181831A-B195-47A6-A234-9BBD96111346}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E181831A-B195-47A6-A234-9BBD96111346}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5ED99A9-BFDE-414E-8B41-A783FE6BC852}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5ED99A9-BFDE-414E-8B41-A783FE6BC852}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"Chrome Notifications" => removed successfully
MpKsl38b54861 => service not found.
C:\Users\PC1\AppData\Local\{533362CA-CA49-435B-8BD3-BE710345CFB6} => moved successfully
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9F8EF43-3AD1-4556-AC82-08BD90F64216}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7CC70521-B49B-4750-AF96-D6FA6A2D7F81}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F2A9C531-0840-4252-A999-F729FA75E882}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17883264-F0BC-4E87-BD21-8B8728F3EAD3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B6A67B15-3612-409E-9C60-FF871A517BC2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CFE035C3-2741-441E-AD8A-DFF1EFBDCDFB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C6628DF-9D60-4113-8EEF-941D344B047C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5D3002CA-4E67-4CF2-998A-A77C92B46CC3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E391492-65DB-4481-98ED-EBFD2D49BBF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01FF3F81-FD40-43A6-A80F-BF23ACD5A769}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92F45B22-EB60-4EDC-A923-1C4E2E38F9A9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6F2DB46D-3622-4C21-A8E3-E1D126FB96A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{438417F8-0160-410A-AFED-BFF44655C361}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6E7CC2B7-C7D2-4E0F-9C3F-A31847874852}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{85CB6F12-533E-4A0A-B367-BE001655AD30}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{82D659CD-FCA4-40A0-AD76-F6FB16869E3B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7B6C0B1-FCC6-498B-BCFF-336349AD329B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{06D51ED3-9979-4F3D-B249-9277AC5E28C7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01A8826E-065D-4E15-BA79-1D972E26E9CD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30E8ABD7-F29C-4BDA-8EA7-3CE18954E8DA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3104E404-ABE8-4787-8D64-37DAFC793050}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B5E562A-6E7F-41B2-95A6-8457B445B9F1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BF25D37-7A6B-4E41-A12B-62590D2F2C8F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B0A8986-CF0E-444E-9980-89AA689A5F63}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A634A7B9-DC92-4733-91A5-62440209799E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB065535-F3C5-4A3C-9FB0-90E9F8496509}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32364E85-BC96-4E5F-B66E-C42B64913155}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{693F7DA1-D651-42E5-97EE-8E63195D98F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1414C8AC-D04A-428C-8526-E809CA219532}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B6594DBD-DA02-43D0-8B47-3DD99E6A6ED4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6EFB80F9-1F50-4BB4-AD9F-97974791B473}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{80478B5E-DA53-4F5A-8090-9236D5E754DB}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{42336124-C418-4217-8000-0DDD234B24B4}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 17850368 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 208156128 B
Java, Flash, Steam htmlcache => 6779 B
Windows/system/drivers => 2070591 B
Edge => 5119688 B
Chrome => 1335565143 B
Brave => 0 B
Vivaldi => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16854 B
NetworkService => 12501174 B
PC1 => 33624870 B

RecycleBin => 1684669759 B
EmptyTemp: => 3.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:20:17 ====

Ako to vyzera s PC? Nastala nejaka zmena?

Problem s tymito hlaskami by mal byt odstraneny. Podla vsetkeho islo o Chrome notifikacie z pomerne pochybnej stranky ruvid.net, kedze tato stranka mala (v Chrome) povolene zasielaie notifikacii. Predchadzajucim krokom sa povolenia na zasielanie notifikacii v Chrome vycistili, takze uz by sa uz nemali objavovat.

Podla logov boli mali predtym notifikacie povolene aj tieto stranky - https://brnensky.denik.cz; https://web.skype.com; https://www.facebook.com - ak z tychto stranok chces mat nadalej povolene notifikacie, treba ich znovu povolit alebo tieto stranky rucne pridat na zoznam stranok s povolenymi notifikaciami (Chrome -> Nastavenia -> Nastavenia webu -> Upozornenia (alebo Oznameni v cestine) -> v casti Povolit klikni na Pridat).

Děkuji, za opravu. Jiz se chiva standardně.